Vulnerabilities > CVE-2023-37635 - Improper Restriction of Excessive Authentication Attempts vulnerability in Uvdesk Community-Skeleton 1.1.1

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
uvdesk
CWE-307
critical
NVD
Published: 2023-10-23
Updated: 2023-10-30

Summary

UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application.

Vulnerable Configurations

Part Description Count
Application
Uvdesk
1

Common Weakness Enumeration (CWE)

References