本ページは weintek weincloud に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2023-37362 | Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website. | [email protected] | 7.2 | 0.05% | 2023-07-19 | 2025-03-06 |
| CVE-2023-35134 | Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only. | [email protected] | 7.4 | 0.07% | 2023-07-19 | 2024-11-21 |
| CVE-2023-34429 | Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token. | [email protected] | 7.5 | 0.07% | 2023-07-19 | 2024-11-21 |
| CVE-2023-32657 | Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses. | [email protected] | 5.3 | 0.14% | 2023-07-19 | 2024-11-21 |