Vulnerabilities > CVE-2020-27423 - Improper Restriction of Excessive Authentication Attempts vulnerability in Anuko Time Tracker 1.19.23.5311
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Anuko Time Tracker v1.19.23.5311 lacks rate limit on the password reset module which allows attacker to perform Denial of Service attack on any legitimate user's mailbox
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |