Vulnerabilities > CVE-2022-2321 - Improper Restriction of Excessive Authentication Attempts vulnerability in Heroiclabs Nakama

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
heroiclabs
CWE-307
NVD
Published: 2022-07-05
Updated: 2022-07-14

Summary

Improper Restriction of Excessive Authentication Attempts in GitHub repository heroiclabs/nakama prior to 3.13.0. This results in login brute-force attacks.

Vulnerable Configurations

Part Description Count
Application
Heroiclabs
67

Common Weakness Enumeration (CWE)

References