漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cloud Foundry UAA MFA does not prevent brute force of MFA code
Vulnerability Description
Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior to 61.0, allows brute forcing of MFA codes. A remote unauthenticated malicious user in possession of a valid username and password can brute force MFA to login as the targeted user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cloud Foundry UAA和uaa-release 安全漏洞
Vulnerability Description
Cloud Foundry UAA和uaa-release都是美国Cloud Foundry基金会的应用于Cloud Foundry云平台的不同版本的身份验证和管理服务终端。 Cloud Foundry UAA 4.20.0之前版本和uaa-release 61.0之前版本中存在安全漏洞。远程攻击者可借助合法的用户名和密码利用该漏洞暴力破解MFA码,进而以目标用户的身份登录。
CVSS Information
N/A
Vulnerability Type
N/A