CVE-2024-53647 | THREATINT

Description

Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an attacker to send an unlimited number of email verification requests without any restriction, potentially leading to abuse or denial of service.

PUBLISHED Reserved 2024-11-21 | Published 2024-12-31 | Updated 2024-12-31 | Assigner trendmicro

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Problem types

CWE-400: Uncontrolled Resource Consumption

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-307: Improper Restriction of Excessive Authentication

Product status

3.0 (semver) before 3.0

affected

References

helpcenter.trendmicro.com/en-us/article/tmka-06710

cve.org (CVE-2024-53647)

nvd.nist.gov (CVE-2024-53647)

Download JSON