Skip to main content

Credentials Management Errors

CVE-2014-9006

Severity Medium
Score 5/10

Summary

Monstra 3.0.1 and earlier uses a cookie to track how many login attempts have been attempted, which allows remote attackers to conduct brute force login attacks by deleting the login_attempts cookie or setting it to certain values.

  • LOW
  • NETWORK
  • NONE
  • PARTIAL
  • NONE
  • NONE

CWE-255 - Credentials Management Errors

Weaknesses in this category are related to the management of credentials.

References

Advisory Timeline

  • Published