Vulnerabilities > CVE-2023-26208 - Improper Restriction of Excessive Authentication Attempts vulnerability in Fortinet Fortiauthenticator
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
LOW Summary
A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiAuthenticator 6.4.x and before allows a remote unauthenticated attacker to partially exhaust CPU and memory via sending numerous HTTP requests to the login form.