CNNVD-202509-3210 Information

CNNVD ID

CNNVD-202509-3210

Related CVE

CVE-2025-10761

• CNNVD Published: 2025-09-21

Description (Chinese)

Harness是Harness开源的一个开发平台。 Harness 3.3.0版本存在安全漏洞，该漏洞源于/api/v1/login文件中对身份验证尝试次数限制不当，可能导致暴力破解攻击。

Description (English)

Harness is an open-source development platform for Harness. There is a security loophole in version 3.3.0 of Harness, which stems from the undue number of attempts to identify in the /api/v1/login document, which could lead to violent deciphering of the attack.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Harness

Published

2025-09-21

Last Modified

2026-02-24

References

https://github.com/August829/Yu/blob/main/58ead8e7e08bfb020.md https://vuldb.com/?submit.646871 https://vuldb.com/?ctiid.325116 https://vuldb.com/?id.325116 https://github.com/August829/Yu/blob/main/58ead8e7e08bfb020.md#poc https://access.redhat.com/security/cve/cve-2025-10761