Filtered by vendor Airship.ai
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-35041 | 1 Airship.ai | 1 Acropolis | 2025-12-19 | N/A | 7.5 HIGH |
| Airship AI Acropolis allows unlimited MFA attempts for 15 minutes after a user has logged in with valid credentials. A remote attacker with valid credentials could brute-force the 6-digit MFA code. Fixed in 10.2.35, 11.0.21, and 11.1.9. | |||||
| CVE-2025-35042 | 1 Airship.ai | 1 Acropolis | 2025-12-19 | N/A | 9.8 CRITICAL |
| Airship AI Acropolis includes a default administrative account that uses the same credentials on every installation. Instances of Airship AI that do not change this account password are vulnerable to a remote attacker logging in and gaining the privileges of this account. Fixed in 10.2.35, 11.0.21, and 11.1.9. | |||||