RSS   Podatności dla 'Bitrix framework'   RSS

2020-12-02
 
CVE-2020-28206

CWE-307
 

 
An issue was discovered in Bitrix24 Bitrix Framework (1c site management) 20.0. An "User enumeration and Improper Restriction of Excessive Authentication Attempts" vulnerability exists in the admin login form, allowing a remote user to enumerate users in the administrator group. This also allows brute-force attacks on the passwords of users not in the administrator group.

 

 >>> Vendor: Bitrix24 2 Produkty
Bitrix24
Bitrix framework


Copyright 2024, cxsecurity.com

 

Back to Top