CVE-2022-37145

Name of the Vulnerable Software and Affected Versions PlexTrac versions prior to 1.17.0

Description The issue allows an unauthenticated remote attacker to perform a brute-force attack on the login page with no time or attempt limitation, potentially obtaining valid credentials for platform users configured to use the PlexTrac authentication provider.

Recommendations For versions prior to 1.17.0, update to version 1.17.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the login page or implementing additional authentication measures to minimize the risk of exploitation.