CVE-2022-22110 in Daybydayinformação

Sumário

de MITRE • 05/01/2022

In Daybyday CRM, versions 1.1 through 2.2.0 enforce weak password requirements in the user update functionality. A user with privileges to update his password could change it to a weak password, such as those with a length of a single character. This may allow an attacker to brute-force users’ passwords with minimal to no computational effort.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsável

WhiteSource

Reservar

21/12/2021

Divulgação

05/01/2022

Moderação

aceite

Entrada

VDB-189714

CPE

pronto

EPSS

0.01122

KEV

não

Atividades

muito baixo

Fontes

Do you want to use VulDB in your project?

Use the official API to access entries easily!