← volver
CVE-2025-0417

Valmet DNA Lack of protection against brute force attacks

CVSS 7 HIGHEPSS 0.1%CWE-307
Lack of protection against brute force attacks in Valmet DNA visualization in DNA Operate. The possibility to make an arbitrary number of login attempts without any rate limit gives an attacker an increased chance of guessing passwords and then performing switching operations.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/AU:Y/R:A/V:D/RE:L/U:Green
Productos afectados
Valmet · Valmet DNA

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.valmet.com/about-us/about/research-and-development/vulnerabilityadvisories/cve-2025-0417/