CVE-2024-42176

HIGH Year: 2024
CVSS v3 Score
8.0
High
Weakness Type
CWE-307
View all →

Vulnerability Description

HCL MyXalytics is affected by concurrent login vulnerability. A concurrent login vulnerability occurs when simultaneous active sessions are allowed for a single credential allowing an attacker to potentially obtain access to a user's account or sensitive information.

Related Vulnerabilities

CVE-2013-2228

HIGH
CVSS:8.1(High)

SaltStack RSA Key Generation allows remote users to decrypt communications

CWE-3072013

CVE-2019-3766

HIGH
CVSS:8.1(High)

Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive authentication attempts vulnerability. An unauthenticated remote attacker may potentially perform a password brute-f...

CWE-3072019

CVE-2021-36750

HIGH
CVSS:8.1(High)

ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users (across USB drives sold under multiple brand names)...

CWE-3072021

CVE-2023-50123

HIGH
CVSS:8.1(High)

The number of attempts to bring the Hozard Alarm system (alarmsystemen) v1.0 to a disarmed state is not limited. This could allow an attacker to perform a brute force on the SMS authentication, to bri...

CWE-3072023

CVE-2024-23106

HIGH
CVSS:8.1(High)

An improper restriction of excessive authentication attempts [CWE-307] in FortiClientEMS version 7.2.0 through 7.2.4 and before 7.0.10 allows an unauthenticated attacker to try a brute force attack ag...

CWE-3072024

CVE-2024-38176

HIGH
CVSS:8.1(High)

An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network.

CWE-3072024