Seclore Authentication Bypass Vulnerability via Brute Force Attack

Vulnerability

A vulnerability in the login page of Seclore version 3.27.5.0 allows attackers to bypass authentication through brute force attacks. This issue enables the enumeration of valid domains and internal services by manipulating the repository code parameter.

Impact

Exploitation of this vulnerability allows for authentication bypass, potentially leading to unauthorized access to the application or its services.

Reproduction

To reproduce this vulnerability, perform a brute force attack on the login page by repeatedly submitting different values for the repository code parameter. This will allow the enumeration of valid domains and internal services hosted by the application.
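A defender-side detection for the pattern described above, added here as an example and not taken from Seclore or from the original advisory: it flags clients that submit many different repository code values to the login page within a short window. The log layout, the `/login` path, the `repo_code` parameter name, the thresholds and the sample lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed (hypothetical) access-log layout, one login attempt per line:
#   <ISO time> <client IP> POST /login repo_code=<value> <HTTP status>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) POST /login repo_code=(?P<code>\S*) (?P<status>\d{3})$"
)

def detect_enumeration(lines, window=timedelta(minutes=5), max_distinct=5):
    """Return {client IP: time of first alert} for clients that submit more
    than max_distinct different repository codes inside one sliding window."""
    recent = defaultdict(deque)  # ip -> deque of (timestamp, code), oldest first
    alerts = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a login attempt in the assumed layout
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["ip"]]
        # Count every attempt whatever the status: accepted and rejected
        # codes both tell the client which values are valid.
        q.append((ts, m["code"]))
        while ts - q[0][0] > window:  # expire attempts older than the window
            q.popleft()
        if len({code for _, code in q}) > max_distinct:
            alerts.setdefault(m["ip"], ts)
    return alerts

def build_sample_log():
    """Constructed sample: one enumerating client, one user retrying a login."""
    base = datetime(2025, 6, 9, 19, 0, 0)
    lines = []
    for i in range(8):  # eight different codes, ten seconds apart
        t = base + timedelta(seconds=10 * i)
        lines.append(f"{t.isoformat()} 198.51.100.23 POST /login repo_code=code{i:03d} 401")
    for i in range(3):  # same code retried, then a successful login
        t = base + timedelta(seconds=30 * i)
        lines.append(f"{t.isoformat()} 192.0.2.10 POST /login repo_code=hr-docs 401")
    lines.append(f"{(base + timedelta(minutes=2)).isoformat()} 192.0.2.10 POST /login repo_code=hr-docs 200")
    return sorted(lines)  # ISO timestamps sort chronologically
```

Keying the counter on distinct values rather than on failed logins keeps ordinary password retries against a single repository code from raising an alert.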

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 8.7
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.