← voltar
CVE-2025-0417

Valmet DNA Lack of protection against brute force attacks

CVSS 7 HIGHEPSS 0.1%CWE-307
Lack of protection against brute force attacks in Valmet DNA visualization in DNA Operate. The possibility to make an arbitrary number of login attempts without any rate limit gives an attacker an increased chance of guessing passwords and then performing switching operations.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/AU:Y/R:A/V:D/RE:L/U:Green
Produtos afetados
Valmet · Valmet DNA

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.valmet.com/about-us/about/research-and-development/vulnerabilityadvisories/cve-2025-0417/