Brute Force Vulnerability in Revive Adserver by Revive Adserver
CVE-2023-26756

7.5HIGH

Key Information:

Vendor

Revive

Status
Adserver
Vendor
CVE Published:
14 April 2023

What is CVE-2023-26756?

The login page of Revive Adserver version 5.4.1 presents a vulnerability that could potentially allow attackers to conduct brute force attacks. While the vendor asserts that rate limiting and strong password policies are in place to mitigate this risk, the exposure remains a significant concern for administrators looking to secure their instances. It is crucial for users to remain vigilant and consider additional protective measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://googleinformationsworld.blogspot.com/2023/04/revi...
https://www.esecforte.com/login-page-brute-force-attack/
http://seclists.org/fulldisclosure/2024/Apr/27
mailing-list

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.