Advisory 2023-03/1 Account is not locked out
| Vulnerability type | Too many password attempts setting was not honored |
| Severity factors | |
| Versions affected | FileCloud Versions 22.1 and earlier |
| Version fixed | FileCloud Version 22.1.1 and later |
Description
The "account lockout on too many incorrect password entries" setting was not being honored, enabling users to log in to FileCloud after more than the specified number of incorrect passwords had been entered.
Fix
This vulnerability has been fixed in FileCloud version 22.1.1.xxxxx
What you should do to fix this vulnerability
- If you are using FileCloud Server, it is recommended that you update to the latest version, which is 22.1.1.xxxxx or greater. This will resolve the issue.
- If you are using FileCloud Online, your site has already been updated to the latest version.
If you have any questions about this advisory, please contact FileCloud support.