CVE-2025-23368
CVE-2025-23368
Título es
CVE-2025-23368
Mar, 04/03/2025 – 16:15
Tipo
CWE-307
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2025-23368
Descripción en
A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI.
04/03/2025
04/03/2025
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Gravedad 3.1 (CVSS 3.1 Base Score)
8.10
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
HIGH
Referencias
https://access.redhat.com/security/cve/CVE-2025-23368
https://bugzilla.redhat.com/show_bug.cgi?id=2337621
Enviar en el boletín
Off
