CVE-2024-53647

CVSS v3.1

8.2

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Name of the Vulnerable Software and Affected Versions Trend Micro ID Security versions 3.0 and below

Description The issue allows an attacker to send an unlimited number of email verification requests without restriction, potentially leading to abuse or denial of service.

Recommendations For versions 3.0 and below, consider restricting access to the email verification request feature until a patch is available. As a temporary workaround, limit the number of email verification requests that can be sent within a certain timeframe to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Improper Restriction of Excessive Authentication Attempts

Allocation of Resources Without Limits

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-307CWE-770CWE-400

Related Identifiers

CVE-2024-53647

Affected Products

Trend Micro Security

CVE-2024-53647

Weakness Enumeration

Related Identifiers

Affected Products

References · 6