PT-2019-15303 · Omron · Omron Plc Cj Series

Publicado

2019-12-16

Atualizado

2019-12-27

CVE-2019-18261

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Omron PLC CS series, all versions Omron PLC CJ series, all versions Omron PLC NJ series, all versions

Description The software does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks.

Recommendations For Omron PLC CS series, all versions, implement rate limiting or account lockout policies to prevent brute force attacks. For Omron PLC CJ series, all versions, consider adding a time delay between failed login attempts to slow down the attack process. For Omron PLC NJ series, all versions, restrict access to the authentication mechanism to minimize the risk of exploitation.

Correção

Improper Restriction of Excessive Authentication Attempts

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-307

Identificadores relacionados

CVE-2019-18261

Produtos afetados

Omron Plc Cj Series

PT-2019-15303 · Omron · Omron Plc Cj Series

CVE-2019-18261

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2