CVE-2023-3669: CODESYS: Missing Brute-Force protection in CODESYS Development System
First published: Thu Aug 03 2023(Updated: )
A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.
Credit: info@cert.vde.com info@cert.vde.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| CODESYS Development System | <3.5.19.20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-3669.
What is the severity of CVE-2023-3669?
The severity of CVE-2023-3669 is low, with a severity value of 3.3.
What software is affected by CVE-2023-3669?
The CODESYS Development System prior to version 3.5.19.20 is affected by CVE-2023-3669.
What is the impact of CVE-2023-3669?
The impact of CVE-2023-3669 is that a local attacker can have unlimited attempts to guess the password within an import dialog.
How can I mitigate CVE-2023-3669?
To mitigate CVE-2023-3669, it is recommended to update to version 3.5.19.20 of the CODESYS Development System or later.
- collector/nvd-latest
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/severity
- agent/title
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- vendor/codesys
- canonical/codesys development system