PT-2022-14078 · Unknown · Polonel/Trudesk

Published

2022-05-16

Updated

2022-05-25

CVE-2022-1728

CVSS v3.1

7.6

High

Vector

AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions polonel/trudesk versions prior to 1.2.2

Description The issue allows for a denial of service when long passwords are used. This can be exploited to conduct a DDoS attack, preventing genuine users from accessing resources or applications.

Recommendations For versions prior to 1.2.2, update to version 1.2.2 or later to resolve the issue. As a temporary workaround, consider restricting the length of passwords to prevent abuse.

Exploit

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

CVE-2022-1728

Affected Products

Polonel/Trudesk

PT-2022-14078 · Unknown · Polonel/Trudesk

CVE-2022-1728

Weakness Enumeration

Related Identifiers

Affected Products

References · 6