CVE-2024-38888

Name of the Vulnerable Software and Affected Versions Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405

Description The issue allows a local attacker to perform a Password Brute Forcing attack due to improper restriction of excessive authentication attempts. This is a result of the software's failure to properly limit the number of authentication attempts, making it vulnerable to brute force attacks.

Recommendations For versions 16.0.1.1663 through 24.0.1.2405, consider implementing additional security measures to restrict excessive authentication attempts, such as account lockout policies or rate limiting, until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.