
CVE-2024-38176

Improper Restriction of Excessive Authentication Attempts (CWE-307)

Published: Jul 23, 2024

CVSS: 8.1 (High) | EPSS: 0.09%

Summary

An improper restriction of excessive authentication attempts in GroupMe allows an unauthenticated attacker to elevate privileges over a network. This vulnerability is associated with CWE-307: Improper Restriction of Excessive Authentication Attempts.

Impact

This vulnerability has a high severity with a CVSS v3.1 base score of 8.1. It could allow an unauthenticated attacker to gain elevated privileges within the GroupMe application over a network. Confidentiality, integrity, and availability are all rated as HIGH impact: an attacker could potentially access sensitive information, modify data, or disrupt service operations.

Exploitation

There is no evidence that a public proof-of-concept exists, and no evidence of exploitation in the wild at the moment.

Patch

A patch is available. Microsoft has released an official fix for this vulnerability as of July 23, 2024. Security teams should prioritize applying this patch as soon as possible.

Mitigation

1. Apply the official patch released by Microsoft as soon as possible.
2. Implement strong authentication mechanisms and multi-factor authentication.
3. Monitor and limit authentication attempts, implementing account lockout policies.
4. Use network segmentation to limit the potential spread if a breach occurs.
5. Regularly monitor system logs for any suspicious authentication activities.
6. Keep all systems and software up-to-date with the latest security patches.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

- CVSS: A CVSS base score of 8.1 has been assigned. (Jul 23, 2024 at 9:30 PM, source: microsoft)
- First Article: Feedly found the first article mentioning CVE-2024-38176. (Jul 23, 2024 at 9:31 PM, source: CVE)
- CVSS Estimate: Feedly estimated the CVSS score as HIGH. (Jul 23, 2024 at 9:33 PM)
- CVE Assignment: NVD published the first details for CVE-2024-38176. (Jul 23, 2024 at 10:15 PM)
- Trending: This CVE started to trend in security discussions. (Jul 24, 2024 at 2:18 AM)
- EPSS: EPSS Score was set to 0.09% (Percentile: 39.4%). (Jul 24, 2024 at 9:39 AM)
- Trending: This CVE stopped trending in security discussions. (Jul 26, 2024 at 1:10 PM)

Affected Systems

Microsoft/groupme

Patches

Microsoft

Links to Mitre Att&cks

T1110.001: Password Guessing

Attack Patterns

CAPEC-16: Dictionary-based Password Attack

References

CVE-2024-38176 - Security Update Guide - Microsoft - GroupMe Elevation of Privilege Vulnerability
GroupMe Elevation of Privilege Vulnerability
CVE-2024-38176 GroupMe Elevation of Privilege Vulnerability
An improper restriction of excessive authentication attempts in [GroupMe](https://groupme.com/) allows an unauthenticated attacker to elevate privileges over a network.

News

Update Tue Aug 20 14:33:25 UTC 2024
Vulnerability Summary for the Week of July 22, 2024
In Other News: FBI Cyber Action Team, Pentagon IT Firm Leak, Nigerian Gets 12 Years in Prison
Multiple vulnerabilities in Microsoft GroupMe
The vulnerability exists due to improper access restrictions in GroupMe. A remote attacker can trick a victim to click on a malicious link and gain elevated privileges on the system. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
MS Family July 2024 Routine Security Update Advisory
Improper access control vulnerability in GroupMe that could allow an unauthenticated attacker to elevate privileges on the network by tricking users into clicking a malicious link (CVE-2024-38164). Vulnerability in GroupMe improperly limiting excessive authentication attempts, which could allow an unauthenticated attacker to escalate privileges on the network (CVE-2024-38176).

CVSS V3.1

Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
