Vulnerabilities > CVE-2024-1345 - Improper Restriction of Excessive Authentication Attempts vulnerability in Laborofficefree 19.10

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
local
low complexity
laborofficefree
CWE-307

Summary

Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to perform a brute force attack and easily discover the root password.

Vulnerable Configurations

Part Description Count
Application
Laborofficefree
1