CVE-2022-37772

Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts due to excessive verbose responses from the application. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
VendorProductVersion
maarchmaarch_rm
2.8 ≤
𝑥
< 2.8.6
maarchmaarch_rm
2.9
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://maarch.com
https://github.com/frame84/vulns/blob/main/MaarchRM/CVE-2022-37772/README.md
http://maarch.com
https://github.com/frame84/vulns/blob/main/MaarchRM/CVE-2022-37772/README.md