CVE-2021-28248 · CVEKit

cve.orgen

383 chars

CA eHealth Performance Manager through 6.3.2.12 is affected by Improper Restriction of Excessive Authentication Attempts. An attacker is able to perform an arbitrary number of /web/frames/ authentication attempts using different passwords, and eventually gain access to a targeted account, NOTE: This vulnerability only affects products that are no longer supported by the maintainer

NVDen

383 chars

CA eHealth Performance Manager through 6.3.2.12 is affected by Improper Restriction of Excessive Authentication Attempts. An attacker is able to perform an arbitrary number of /web/frames/ authentication attempts using different passwords, and eventually gain access to a targeted account, NOTE: This vulnerability only affects products that are no longer supported by the maintainer

NVDes

480 chars

** NO COMPATIBLE CUANDO SE ASIGNÓ ** CA eHealth Performance Manager versiones hasta 6.3.2.12, está afectado por la Restricción Inapropiada de Intentos de Autenticación Excesivos. Un atacante puede ser capaz de llevar a cabo una cantidad arbitrario de intentos de autenticación /web/frames/ usando diferentes contraseñas y, finalmente, conseguir acceso a una cuenta de destino. NOTA: Esta vulnerabilidad solo afecta a los productos que ya no son compatibles por el mantenedor.

CVSS metrics across sources

5

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	cve.org	7.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N