CVE-2023-46745

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 17, 2023

Updated: Nov 25, 2023

CWE ID 307

Summary

CVE-2023-46745 is a vulnerability affecting LibreNMS, an open-source network monitoring tool. The issue lies in the lack of a rate limit on the login method, making it susceptible to brute force attacks. An attacker could exploit this weakness to gain unauthorized access to user accounts. LibreNMS users are strongly urged to upgrade to version 23.11.0 as soon as possible to mitigate this risk. No known workarounds exist for this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

LibreNMS

Affected Vendors

LibreNMS

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tIwXjV
https://www.cve.org/CVERecord?id=CVE-2023-46745
https://nvd.nist.gov/vuln/detail/CVE-2023-46745

Back to Vulnerability Database