Andrey Lomtev

Name of the Vulnerable Software and Affected Versions: Huntflow Enterprise versions prior to 3.10.14 Description: The issue is due to insufficient server-side login-attempt limit enforcement. This allows an unauthenticated, remote user to perform multiple login attempts for brute-force password guessing via the /account/login endpoint. Recommendations: For versions prior to 3.10.14, update to version 3.10.14 or later to resolve the issue. As a temporary workaround, consider restricting access to the /account/login endpoint to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Huntflow Enterprise versions prior to 3.10.4 Description: An information disclosure issue in the login page could allow an unauthenticated, remote user to obtain information about the domain name of the configured LDAP server. This can be exploited by requesting the login page and searching for the `isLdap` JavaScript parameter in the HTML source code. Recommendations: For versions prior to 3.10.4, update to version 3.10.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the login page to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Huntflow Enterprise versions prior to 3.10.6 Description: The issue is related to an LDAP injection vulnerability in the /account/login endpoint. It allows an unauthenticated, remote user to modify the logic of an LDAP query and bypass authentication due to insufficient server-side validation of the `email` parameter. An attacker could exploit this by sending login attempts with a valid password and a wildcard character in the `email` parameter. Recommendations: For versions prior to 3.10.6, update to version 3.10.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the /account/login endpoint or validating the `email` parameter on the client-side to minimize the risk of exploitation.