CNNVD-202506-1695 Information
CNNVD ID
CNNVD-202506-1695
Related CVE
- CNNVD Published: 2025-06-12
Description (Chinese)
vantage6是vantage6开源的一个用于 Secure Insight eXchange 的开源 priVAcy preserviNg federalTed leArningG 基础架构。 vantage6 4.11之前版本存在安全漏洞,该漏洞源于更改密码功能允许无限次尝试,可能导致暴力破解攻击。
Description (English)
vantage6 is an open source base structure for security Insight eXchange for use in vantage6. There was a security loophole in the previous version of vantage 6 4.11, which stemmed from the fact that changing the password function allowed for an unlimited number of attempts, which could lead to a violent breakdown of the attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
vantage6
Published
2025-06-12
Last Modified
2026-02-24
References
https://github.com/vantage6/vantage6/security/advisories/GHSA-j6g5-p62x-58hw https://access.redhat.com/security/cve/cve-2025-43863 https://nvd.nist.gov/vuln/detail/CVE-2025-43863
Patch
https://github.com/vantage6/vantage6/releases
Share on: