CVERadar

CVE-2024-43042

Severity: Medium
Vendor: Pluck-cms

SVRS: 30/100

CVSSv3: 9.8/10

EPSS: 0.00174/1

CVE-2024-43042 in Pluck CMS 4.7.18 allows brute force attacks because the application places no restriction on failed login attempts. An attacker can therefore retry logins without limit until a user's credentials are guessed. While the CVSS score of 9.8 indicates high severity, SOCRadar's SVRS of 30 suggests a lower immediate threat level than vulnerabilities scoring above 80. The absence of login attempt restrictions in Pluck CMS makes it susceptible to unauthorized access: an attacker who guesses valid credentials could gain control of the system, leading to data breaches or other malicious activity, compromising sensitive information and disrupting website functionality. Organizations using Pluck CMS should implement login attempt restrictions or upgrade to a version that includes them to mitigate this risk. The vulnerability highlights the importance of robust access control mechanisms in web applications.

No tags available
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2025-03-19

2024-08-16
SOCRadar
AI Insight

Description

CVE-2024-43042 is a vulnerability in Pluck CMS 4.7.18 that allows attackers to execute a brute force attack against the login form because failed login attempts are not restricted. The SVRS for this vulnerability is 42, indicating a moderate level of risk.

Key Insights

  • Brute force attacks: This vulnerability allows attackers to repeatedly attempt to log in with different credentials until they succeed. This can lead to unauthorized access to the CMS and the underlying website.
  • No rate limiting: The lack of rate limiting allows attackers to automate their brute force attacks, increasing the likelihood of success.
  • Potential impact: A successful brute force attack could allow attackers to gain access to sensitive information, such as user data, website content, and administrative privileges.

Mitigation Strategies

  • Implement rate limiting: Limit the number of login attempts allowed within a specific time frame to prevent automated brute force attacks.
  • Use strong passwords: Encourage users to create strong passwords that are difficult to guess.
  • Enable two-factor authentication: Add an extra layer of security by requiring users to provide a second form of authentication, such as a code sent to their phone.
  • Monitor login activity: Regularly review login logs to detect any suspicious activity, such as multiple failed login attempts from the same IP address.
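The first and last mitigation strategies above (rate limiting of failed logins, and reviewing login logs for repeated failures from one source) are the direct countermeasures to CWE-307. The following is an added, illustrative example written for this page; it is not Pluck CMS's own code, and the log format, the field names and the sample log lines are constructed for the example. It shows a sliding-window throttle keyed on both source IP and account name, checked before any credential verification, plus a small reviewer that scans log lines and flags sources that produced a burst of failures.

```python
"""Added example (not Pluck CMS code): failed-login throttling and log review."""
from collections import defaultdict, deque
from dataclasses import dataclass, field
import re


@dataclass
class LoginThrottle:
    """Sliding-window failure counter with a lockout once the limit is reached."""
    max_failures: int = 5        # failures tolerated inside one window
    window_seconds: int = 300    # length of the sliding window
    lockout_seconds: int = 900   # how long a tripped key stays locked
    _failures: dict = field(default_factory=lambda: defaultdict(deque))
    _locked_until: dict = field(default_factory=dict)

    def _prune(self, key, now):
        q = self._failures[key]
        while q and now - q[0] > self.window_seconds:
            q.popleft()

    def is_locked(self, key, now):
        until = self._locked_until.get(key)
        if until is None:
            return False
        if now >= until:                 # lockout expired: start fresh
            del self._locked_until[key]
            self._failures[key].clear()
            return False
        return True

    def record_failure(self, key, now):
        """Record one failed attempt; return True if this attempt trips the lockout."""
        self._prune(key, now)
        q = self._failures[key]
        q.append(now)
        if len(q) >= self.max_failures:
            self._locked_until[key] = now + self.lockout_seconds
            return True
        return False

    def record_success(self, key):
        self._failures.pop(key, None)


def attempt_login(throttle, ip, username, password_ok, now):
    """Return 'locked', 'denied' or 'ok'.

    The lockout check runs before credentials are verified, so a locked source
    gets the same answer whether or not the password is correct. Keying on the
    account as well as the IP stops distributed guessing against one user, at
    the cost that a noisy source can temporarily lock a legitimate account; a
    production deployment tunes the two limits separately.
    """
    keys = (f"ip:{ip}", f"user:{username}")
    if any(throttle.is_locked(k, now) for k in keys):
        return "locked"
    if password_ok:
        for k in keys:
            throttle.record_success(k)
        return "ok"
    for k in keys:
        throttle.record_failure(k, now)
    return "denied"


# Hypothetical log format assumed for this example: "<epoch> <ip> login FAIL|OK user=<name>"
LOG_RE = re.compile(r"^(?P<ts>\d+) (?P<ip>\S+) login (?P<result>FAIL|OK) user=(?P<user>\S+)$")

# Constructed sample log: one source hammering 'admin', one user with a single typo.
SAMPLE_LOG = """\
1700000000 203.0.113.7 login FAIL user=admin
1700000003 203.0.113.7 login FAIL user=admin
1700000005 203.0.113.7 login FAIL user=admin
1700000008 203.0.113.7 login FAIL user=admin
1700000010 203.0.113.7 login FAIL user=admin
1700000012 203.0.113.7 login FAIL user=admin
1700000020 198.51.100.4 login FAIL user=editor
1700000400 198.51.100.4 login OK user=editor
"""


def flag_bruteforce_sources(lines, threshold=5, window_seconds=60):
    """Return {ip: peak_failures} for sources with >= threshold failures in any window."""
    per_ip = defaultdict(deque)
    flagged = {}
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m or m["result"] != "FAIL":
            continue
        ts, ip = int(m["ts"]), m["ip"]
        q = per_ip[ip]
        q.append(ts)
        while q and ts - q[0] > window_seconds:
            q.popleft()
        if len(q) >= threshold:
            flagged[ip] = max(flagged.get(ip, 0), len(q))
    return flagged


if __name__ == "__main__":
    t = LoginThrottle()
    for i in range(6):
        print(attempt_login(t, "203.0.113.7", "admin", False, 100 + i))
    print(flag_bruteforce_sources(SAMPLE_LOG.splitlines()))
```

The throttle's state is in-process memory; behind a load balancer the same counters would live in a shared store so that attempts spread across nodes are still counted together. The log reviewer is the batch equivalent: the same sliding window applied to records after the fact, which is what the "monitor login activity" item above asks for.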

Additional Information

  • Threat Actors/APT Groups: No specific threat actors or APT groups have been identified as actively exploiting this vulnerability.
  • Exploit Status: No active exploits have been published.
  • CISA Warnings: The Cybersecurity and Infrastructure Security Agency (CISA) has not issued a warning for this vulnerability.
  • In the Wild: This vulnerability is not currently being actively exploited by hackers.

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

No news found for this CVE

Social Media

CVE-2024-43042 Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack. https://t.co/NRCPMAFY9q

Affected Software

Configuration 1
Type | Vendor | Product
App | Pluck-cms | pluck

References

Reference | Link
[email protected] | https://drive.google.com/file/d/1FnLCFP8xDrE1e_4Ft_TZ7VhC-JBkpsL0/view?usp=sharing
[email protected] | https://github.com/pluck-cms/pluck

CWE Details

CWE ID | CWE Name | Description
CWE-307 | Improper Restriction of Excessive Authentication Attempts | The software does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks.
