Primary

Context

Airship AI Acropolis MFA Rate Limiting Vulnerability

Vulnerability

A vulnerability in Airship AI Acropolis allows unlimited multi-factor authentication (MFA) attempts for 15 minutes after a user has logged in with valid credentials. This flaw enables remote attackers with valid credentials to brute-force the 6-digit MFA code. The issue has been fixed in versions 10.2.35, 11.0.21, and 11.1.9.

Impact

Exploitation of this vulnerability could lead to unauthorized access by bypassing MFA requirements, allowing attackers to authenticate using brute-forced MFA codes.

Remediation

Users are advised to update to Airship AI Acropolis versions 10.2.35, 11.0.21, or 11.1.9.

Added: Sep 22, 2025, 4:48 PM

Updated: Sep 23, 2025, 12:31 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Airship AI Acropolis MFA Rate Limiting Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating