Vulnerabilities > CVE-2021-32522 - Improper Restriction of Excessive Authentication Attempts vulnerability in Qsan Sanos, Storage Manager and Xevo

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
qsan
CWE-307

Summary

Improper restriction of excessive authentication attempts vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attackers to discover users’ credentials and obtain access via a brute force attack. Suggest contacting with QSAN and refer to recommendations in QSAN Document.

Vulnerable Configurations

Part Description Count
Application
Qsan
5