All versions of the package github.com/greenpau/caddy-security are vulnerable to Improper Restriction of Excessive Authentication Attempts via the two-factor authentication (2FA). Although the application blocks the user after several failed attempts to provide 2FA codes, attackers can bypass this blocking mechanism by automating the application’s full multistep 2FA process.
Metrics
Affected Vendors & Products
References
History
Wed, 20 Nov 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: snyk
Published: 2024-02-17T05:00:06.899Z
Updated: 2024-12-05T20:33:44.652Z
Reserved: 2023-12-22T12:33:20.119Z
Link: CVE-2024-21500
Vulnrichment
Updated: 2024-08-01T22:20:41.007Z
NVD
Status : Awaiting Analysis
Published: 2024-02-17T05:15:10.697
Modified: 2024-12-05T21:15:07.243
Link: CVE-2024-21500
Redhat
No data.