Vulnerabilities > CVE-2019-16670 - Improper Restriction of Excessive Authentication Attempts vulnerability in Weidmueller products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
weidmueller
CWE-307
NVD
Published: 2019-12-06
Updated: 2019-12-12

Summary

An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. The Authentication mechanism has no brute-force prevention.

Vulnerable Configurations

Part Description Count
OS
Weidmueller
40
Hardware
Weidmueller
40

Common Weakness Enumeration (CWE)

References