Vulnerabilities > CVE-2021-37934 - Improper Restriction of Excessive Authentication Attempts vulnerability in Huntflow Enterprise 3.10.6
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Due to insufficient server-side login-attempt limit enforcement, a vulnerability in /account/login in Huntflow Enterprise before 3.10.14 could allow an unauthenticated, remote user to perform multiple login attempts for brute-force password guessing.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |