CVE-2023-23755: [20230502] - Core - Bruteforce prevention within the mfa screen
First published: Tue May 30 2023(Updated: )
An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute force attacks against MFA methods.
Credit: security@joomla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Joomla Joomla\! | >=4.2.0<4.3.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Joomla issue?
The vulnerability ID for this Joomla issue is CVE-2023-23755.
What is the severity of CVE-2023-23755?
The severity of CVE-2023-23755 is high.
What is the affected software version range for CVE-2023-23755?
The affected software version range for CVE-2023-23755 is between 4.2.0 and 4.3.1.
What is the CWE ID for CVE-2023-23755?
The CWE ID for CVE-2023-23755 is 307.
How can I fix the CVE-2023-23755 vulnerability?
To fix the CVE-2023-23755 vulnerability, it is recommended to update Joomla to version 4.3.2 or later.
- collector/nvd-latest
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/title
- agent/severity
- agent/tags
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- vendor/joomla
- canonical/joomla joomla\!
- version/joomla joomla\!/4.2.0