CVE-2020-8228

Medium

A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times.

hackerone·CWE-840·Published 2020-10-05

CVSS

5.3

EPSS

0.02

KEV

Exploits

cve.orgen

130 chars

A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times.

NVDen

130 chars

A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times.

NVDes

165 chars

Una falta de límite de velocidad en la aplicación Preferred Providers versión 1.7.0, permitió a un atacante ajustar la contraseña una cantidad de veces no controlada

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
3.1	Primary	NVD	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L