Vulnerabilities > CVE-2018-1475 - Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Bigfix Platform

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
ibm
CWE-307
critical
NVD
Published: 2018-04-27
Updated: 2024-11-21

Summary

IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 140756.

Vulnerable Configurations

Part Description Count
Application
Ibm
25

Common Weakness Enumeration (CWE)

References