漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Improper Restriction of Excessive Authentication Attempts in KTM System e-BOK
Vulnerability Description
KTM System e-BOK does not implement any limit or timeout on consecutive login attempts, allowing an attacker to perform unlimited authentication requests. This lack of rate‑limiting enables efficient brute‑force attacks against user accounts. When combined with vulnerability CVE-2026-35097, where passwords are restricted to a six‑digit numeric format, this becomes a critical issue, as such passwords can be brute‑forced in a relatively short time. This issue was fixed in the patch published in June 2026.
CVSS Information
N/A
Vulnerability Type
过多认证尝试的限制不恰当
Vulnerability Title
KTM System e-BOK 授权问题漏洞
Vulnerability Description
KTM System e-BOK是KTM System公司的一款电子出纳管理软件。 KTM System e-BOK 06.2026之前版本存在授权问题漏洞,该漏洞源于未对连续登录尝试实施任何限制或超时,可能导致攻击者执行无限制的身份验证请求,从而实现高效的暴力破解攻击。
CVSS Information
N/A
Vulnerability Type
N/A