Vulnerabilities > Improper Restriction of Excessive Authentication Attempts

DATE CVE VULNERABILITY TITLE RISK
2024-09-19 CVE-2024-47088 Improper Restriction of Excessive Authentication Attempts vulnerability in Apexsoftcell LD DP Back Office and LD GEO
This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive failed authentication attempts on its API based login.
network
low complexity
apexsoftcell CWE-307
critical
9.8
2024-09-11 CVE-2024-45790 Improper Restriction of Excessive Authentication Attempts vulnerability in Reedos Aim-Star 2.0.1
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing restrictions for excessive failed authentication attempts on its API based login.
network
low complexity
reedos CWE-307
critical
9.8
2024-09-06 CVE-2024-32771 Improper Restriction of Excessive Authentication Attempts vulnerability in Qnap QTS and Quts Hero
An improper restriction of excessive authentication attempts vulnerability has been reported to affect several QNAP operating system versions.
low complexity
qnap CWE-307
2.4
2024-09-05 CVE-2024-45589 Improper Restriction of Excessive Authentication Attempts vulnerability in Identityautomation Rapididentity
RapidIdentity LTS through 2023.0.2 and Cloud through 2024.08.0 improperly restricts excessive authentication attempts and allows a remote attacker to cause a denial of service via the username parameters.
network
high complexity
identityautomation CWE-307
5.9
2024-08-28 CVE-2021-22530 Improper Restriction of Excessive Authentication Attempts vulnerability in Microfocus Netiq Advanced Authentication
A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login.
network
low complexity
microfocus CWE-307
critical
9.9
2024-08-16 CVE-2024-43042 Improper Restriction of Excessive Authentication Attempts vulnerability in Pluck-Cms Pluck 4.7.18
Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack.
network
low complexity
pluck-cms CWE-307
critical
9.8
2024-08-16 CVE-2024-42465 Improper Restriction of Excessive Authentication Attempts vulnerability in Upkeeper Manager
Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9.
network
low complexity
upkeeper CWE-307
critical
9.8
2024-08-16 CVE-2024-42466 Improper Restriction of Excessive Authentication Attempts vulnerability in Upkeeper Manager
Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9.
network
low complexity
upkeeper CWE-307
critical
9.8
2024-08-14 CVE-2024-39398 Improper Restriction of Excessive Authentication Attempts vulnerability in Adobe Commerce
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a security feature bypass.
network
high complexity
adobe CWE-307
7.4
2024-08-13 CVE-2024-41682 Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens Location Intelligence
A vulnerability has been identified in Location Intelligence family (All versions < V4.4).
network
low complexity
siemens CWE-307
5.3