.. _vulnerabilityManagement_securityAdvisory_2025_CWE-307:

CWE-307
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Data: 2025-10-06

Severity: Medium

CVSS Score:  5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Riferimenti:  

- `https://cwe.mitre.org/data/definitions/307.html <https://cwe.mitre.org/data/definitions/307.html>`_

Componenti: govwayConsole, govwayMonitor, govwayAPIConfig, govwayAPIMonitor

**Descrizione**

[Brute Force]

The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.	

**GovWay**

Versione affette: 

- 3.3.x: <= 3.3.17
- 3.4.x: <= 3.4.0

Risoluzione: 

- 3.3.x: 3.3.18
- 3.4.x: 3.4.1