CVE-2019-18985

Critical

Pimcore before 6.2.2 lacks brute force protection for the 2FA token.

mitre·CWE-307·Published 2019-11-15

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

68 chars

Pimcore before 6.2.2 lacks brute force protection for the 2FA token.

NVDen

68 chars

Pimcore before 6.2.2 lacks brute force protection for the 2FA token.

OSV.deven

68 chars

Pimcore before 6.2.2 lacks brute force protection for the 2FA token.

GHSAen

68 chars

Pimcore before 6.2.2 lacks brute force protection for the 2FA token.

NVDes

104 chars

Pimcore versiones anteriores a la versión 6.2.2, carece de protección de fuerza bruta para el token 2FA.

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H