CVE-2024-47547

Name of the Vulnerable Software and Affected Versions Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x

Description The issue is related to a weak mechanism in the password change process, which makes authentication vulnerable to brute force attacks. This weakness can be exploited by a remote attacker to bypass existing security restrictions and perform a brute force attack.

Recommendations For Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x, consider upgrading to a version that includes a fix for this issue as soon as possible. As a temporary workaround, restrict access to the password change mechanism to minimize the risk of exploitation. Additionally, users should be cautious when changing their passwords and avoid using weak or easily guessable passwords. At the moment, there is no information about a newer version that contains a fix for this vulnerability.