PT-2022-22597 · Raneto · Raneto

J-Gainsec

·

Published

2022-08-04

·

Updated

2022-08-10

·

CVE-2022-35143

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Raneto version 0.17.0
Description The issue is related to weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks.
Recommendations For version 0.17.0, update to version 0.17.1, which contains security mitigations for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-521

Related Identifiers

CVE-2022-35143
GHSA-7942-2FX8-QHPF

Affected Products

Raneto