RapidIdentity LTS and Cloud vulnerabilities lead to denial of service
CVE-2024-45589
5.9MEDIUM
Key Information:
- Vendor
RapidIdentity
- Status
- Vendor
- CVE Published:
- 5 September 2024
Badges
👾 Exploit Exists🟡 Public PoC
What is CVE-2024-45589?
RapidIdentity LTS through 2023.0.2 and Cloud through 2024.08.0 improperly restricts excessive authentication attempts and allows a remote attacker to cause a denial of service via the username parameters.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.