CVE-2023-3669

CWE-3076 documents4 sources
Severity
3.3LOW
EPSS
0.0%
top 85.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Codesys Codesys Development SystemCodesys Development System
Timeline
PublishedAug 3

Description

A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5codesys/codesys_development_system3.0.0.03.5.19.20

🔴Vulnerability Details

5
GHSA
GHSA-gwpm-jp9f-hxfg: A missing Brute-Force protection in CODESYS Development System prior to 32023-08-03
CVEList
CODESYS: Missing Brute-Force protection in CODESYS Development System2023-08-03
OSV
linux-snapdragon vulnerabilities2023-04-19
OSV
linux-azure-4.15 vulnerabilities2023-03-07
OSV
linux-azure, linux-azure, linux-azure vulnerabilities2023-03-06
CVE-2023-3669 (LOW CVSS 3.3) | A missing Brute-Force protection in | cvebase.io