|
|
|||
| Rule General Information |
|---|
| Release Date: | 2023-04-12 | |
| Rule Name: | Netgate pfSense Plus v22.05.1 Brute Force Vulnerability (CVE-2023-27100) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force protection mechanisms via crafted web requests. | |
| Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | http://packetstormsecurity.com/files/171791/pfsenseCE-2.6.0-Protection-Bypass.html https://docs.netgate.com/downloads/pfSense-SA-23_05.sshguard.asc https://redmine.pfsense.org/issues/13574 |
|
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |