Vulnerabilities > CVE-2021-27188 - Improper Restriction of Excessive Authentication Attempts vulnerability in Xn--B1Agzlht FX Aggregator Terminal Client 1.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

xn-b1agzlht

CWE-307

NVD

Published: 2021-02-12

Updated: 2021-02-19

Summary

The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 allows attackers to cause a denial of service (access suspended for five hours) by making five invalid login attempts to a victim's account.

Vulnerable Configurations

Part	Description	Count
Application	Xn--B1Agzlht XN B1Agzlht FX Aggregator Terminal Client 1.0	1

Common Weakness Enumeration (CWE)

CWE-307 - Improper Restriction of Excessive Authentication Attempts

References

https://www.dnb.com/business-directory/company-profiles.pryaniki_ooo.13b676c626e38d534ff1a6a2a9fc7e6a.html
https://github.com/jet-pentest/CVE-2021-27188