PT-2023-29929 · Mitsubishi · Melsec Iq-R Series Cpu Modules
Peter Cheng
·
Published
2023-11-06
·
Updated
2024-02-15
·
CVE-2023-4625
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
MELSEC iQ-F/iQ-R Series CPU modules (affected versions not specified)
Description
The issue allows a remote unauthenticated attacker to prevent legitimate users from logging into the Web server function for a certain period after the attacker has attempted to log in illegally by continuously attempting unauthorized login to the Web server function. The impact of this issue will persist while the attacker continues to attempt unauthorized login.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this issue.
Fix
Improper Restriction of Excessive Authentication Attempts
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Melsec Iq-R Series Cpu Modules