Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The PlexTrac platform prior to version 1.17.0 does not restrict excessive authentication attempts for accounts configured to use the PlexTrac authentication provider. An unauthenticated remote attacker could perform a bruteforce attack on the login page with no time or attempt limitation in an attempt to obtain valid credentials for the platform users configured to use the PlexTrac authentication provider.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PlexTrac API 安全漏洞
Vulnerability Description
PlexTrac是美国PlexTrac公司的一个渗透测试报告和管理平台。 PlexTrac API 1.17.0之前版本存在安全漏洞,该漏洞源于没有限制配置为使用PlexTrac身份验证提供程序的帐户过多身份验证尝试,未经身份验证的远程攻击者可以在没有时间或尝试限制的情况下对登录页面执行暴力攻击,以尝试为配置使用PlexTrac身份验证提供程序的平台用户获取有效凭据。
CVSS Information
N/A
Vulnerability Type
N/A