CVE-2016-10321

Published: 10/04/2017 Updated: 21/06/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

web2py prior to 2.14.6 does not properly check if a host is denied before verifying passwords, allowing a remote malicious user to perform brute-force attacks.

Vulnerable Product

web2py web2py

Vendor Advisories

Debian Bug report logs - #860038
web2py: CVE-2016-10321
Package: src:web2py; Maintainer for src:web2py is José L Redrejo Rodríguez <jredrejo@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 10 Apr 2017 15:15:02 UTC
Severity: important
Tags: patch, security, upstream
Found in version w ...
Several security issues were fixed in web2py ...