PT-2023-29929 · Mitsubishi · Melsec Iq-R Series Cpu Modules

Peter Cheng

Publicado

2023-11-06

Atualizado

2024-02-15

CVE-2023-4625

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions MELSEC iQ-F/iQ-R Series CPU modules (affected versions not specified)

Description The issue allows a remote unauthenticated attacker to prevent legitimate users from logging into the Web server function for a certain period after the attacker has attempted to log in illegally by continuously attempting unauthorized login to the Web server function. The impact of this issue will persist while the attacker continues to attempt unauthorized login.

Recommendations At the moment, there is no information about a newer version that contains a fix for this issue.

Correção

Improper Restriction of Excessive Authentication Attempts

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-307

Identificadores relacionados

CVE-2023-4625

Produtos afetados

Melsec Iq-R Series Cpu Modules

PT-2023-29929 · Mitsubishi · Melsec Iq-R Series Cpu Modules

CVE-2023-4625

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5