PT-2021-15185 · Spacelynk+1 · Spacelynk+1
Published
2021-05-26
·
Updated
2023-01-20
·
CVE-2021-22737
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
homeLYnk (Wiser For KNX) versions prior to V2.60
spaceLYnk versions prior to V2.60
Description
The issue allows for unauthorized access when credentials are discovered after a brute force attack due to insufficient protection of credentials.
Recommendations
For homeLYnk (Wiser For KNX) versions prior to V2.60, update to a version newer than V2.60 to resolve the issue.
For spaceLYnk versions prior to V2.60, update to a version newer than V2.60 to resolve the issue.
Fix
Improper Restriction of Excessive Authentication Attempts
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Homelynk
Spacelynk