CVE-2022-35143

Critical

Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks.

mitre·CWE-521·Published 2022-08-04

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

129 chars

Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks.

NVDen

129 chars

Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks.

OSV.deven

210 chars

Raneto v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks. Version 0.17.1 contains security mitigations for this and other vulnerabilities.

GHSAen

210 chars

NVDes

182 chars

Renato versión v0.17.0 emplea requisitos de complejidad de contraseñas débiles, permitiendo a atacantes descifrar las contraseñas de los usuarios por medio de ataques de fuerza bruta

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	GHSA	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H