CNNVD-202510-3488 Information

CNNVD ID

CNNVD-202510-3488

Related CVE

CVE-2025-12310

• CNNVD Published: 2025-10-27

Description (Chinese)

VirtFusion是英国VirtFusion公司的一款虚拟化管理面板。 VirtFusion 6.0.2及之前版本存在安全漏洞，该漏洞源于文件/account/_settings中对Email Change Handler组件的身份验证尝试限制不当，可能导致暴力破解攻击。

Description (English)

VirtFusion is a virtual management panel of the British company VirtFusion. There is a security loophole in the VirtFusion 6.2 and earlier versions, which stems from the improper restrictions on the identification of Email Change Handler components in the document/account/ settings, which could lead to a violent breakout attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

VirtFusion

Published

2025-10-27

Last Modified

2026-02-24

References

https://vuldb.com/?id.329982 https://vuldb.com/?ctiid.329982 https://vuldb.com/?submit.676825 https://access.redhat.com/security/cve/cve-2025-12310