Security Advisory

CVE-2023-25156

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-02-15 00:00:00

Last updated 2025-03-10 21:11:11

Assigner GitHub_M

State PUBLISHED

Description

Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt brute-force attacks against the login page. Users should upgrade to v12.0 or later to receive a patch. As a workaround, users may install and configure a rate-limiting proxy in front of Kiwi TCMS.

← Browse all CVEs View on cve.org ↗