Security Advisory

CVE-2022-37144

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-08 00:27:59

Last updated 2024-08-03 10:21:33

Assigner mitre

State PUBLISHED

Description

The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission attempts. An unauthenticated remote attacker in possession of a valid username and password can bruteforce their way past MFA protections to login as the targeted user.

← Browse all CVEs View on cve.org ↗