PT-2022-16724 · Red Hat · Red Hat Process Automation Manager
Paramvir Jindal · Published 2022-08-09 · Updated 2025-09-24 · CVE-2022-2457
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Red Hat Process Automation Manager version 7
Description
A flaw was found in the software: the application does not limit the number of unsuccessful login attempts, which allows an attacker to carry out a brute force attack against the Administration Console.
Recommendations
For Red Hat Process Automation Manager version 7, consider implementing a limit on the number of unsuccessful login attempts to the Administration Console as a temporary workaround until a patch is available. Restrict access to the Administration Console to minimize the risk of exploitation.
Fix
Improper Restriction of Excessive Authentication Attempts
Weakness Enumeration
Related Identifiers
Affected Products
Red Hat Process Automation Manager