Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-11 | CVE-2022-34389 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dell products Dell SupportAssist contains a rate limit bypass issues in screenmeet API third party component. | 5.3 |
| 2023-01-23 | CVE-2023-22960 | Improper Restriction of Excessive Authentication Attempts vulnerability in Lexmark products Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. | 7.5 |
| 2023-01-20 | CVE-2021-27782 | Improper Restriction of Excessive Authentication Attempts vulnerability in Hcltech Bigfix Mobile 2.0 HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts. | 7.5 |
| 2023-01-10 | CVE-2022-38491 | Improper Restriction of Excessive Authentication Attempts vulnerability in Easyvista Service Manager 2020.2.125.3/2022.1.109.0.03 An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. | 7.5 |
| 2022-12-26 | CVE-2022-26964 | Improper Restriction of Excessive Authentication Attempts vulnerability in Devolutions Remote Desktop Manager Weak password derivation for export in Devolutions Remote Desktop Manager before 2022.1 allows information disclosure via a password brute-force attack. | 7.5 |
| 2022-12-25 | CVE-2022-45893 | Improper Restriction of Excessive Authentication Attempts vulnerability in Planetestream Planet Estream Planet eStream before 6.72.10.07 allows a low-privileged user to gain access to administrative and high-privileged user accounts by changing the value of the ON cookie. | 8.8 |
| 2022-12-06 | CVE-2022-30305 | Improper Restriction of Excessive Authentication Attempts vulnerability in Fortinet Fortideceptor and Fortisandbox An insufficient logging [CWE-778] vulnerability in FortiSandbox versions 4.0.0 to 4.0.2, 3.2.0 to 3.2.3 and 3.1.0 to 3.1.5 and FortiDeceptor versions 4.2.0, 4.1.0 through 4.1.1, 4.0.0 through 4.0.2, 3.3.0 through 3.3.3, 3.2.0 through 3.2.2,3.1.0 through 3.1.1 and 3.0.0 through 3.0.2 may allow a remote attacker to repeatedly enter incorrect credentials without causing a log entry, and with no limit on the number of failed authentication attempts. | 7.5 |
| 2022-11-30 | CVE-2022-23746 | Improper Restriction of Excessive Authentication Attempts vulnerability in Checkpoint SSL Network Extender The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender (SNX). | 7.5 |
| 2022-11-24 | CVE-2022-2650 | Improper Restriction of Excessive Authentication Attempts vulnerability in Wger Improper Restriction of Excessive Authentication Attempts in GitHub repository wger-project/wger prior to 2.2. | 9.8 |
| 2022-11-23 | CVE-2022-37772 | Improper Restriction of Excessive Authentication Attempts vulnerability in Maarch RM Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts due to excessive verbose responses from the application. | 7.5 |