Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-08 | CVE-2022-28384 | Improper Restriction of Excessive Authentication Attempts vulnerability in Verbatim products An issue was discovered in certain Verbatim drives through 2022-03-31. | 5.5 |
| 2022-06-02 | CVE-2022-29084 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dell products Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. | 9.8 |
| 2022-05-24 | CVE-2013-10004 | Improper Restriction of Excessive Authentication Attempts vulnerability in Telecomsoftware Samwin Agent and Samwin Contact Center A vulnerability classified as critical was found in Telecommunication Software SAMwin Contact Center Suite 5.1. | 9.8 |
| 2022-05-20 | CVE-2022-24044 | Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens products A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). | 7.5 |
| 2022-04-12 | CVE-2022-22561 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. | 9.8 |
| 2022-03-16 | CVE-2021-43958 | Improper Restriction of Excessive Authentication Attempts vulnerability in Atlassian Crucible Various rest resources in Fisheye and Crucible before version 4.8.9 allowed remote attackers to brute force user login credentials as rest resources did not check if users were beyond their max failed login limits and therefore required solving a CAPTCHA in addition to providing user credentials for authentication via a improper restriction of excess authentication attempts vulnerability. | 9.8 |
| 2022-03-10 | CVE-2022-25820 | Improper Restriction of Excessive Authentication Attempts vulnerability in Google Android 11.0/12.0 A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password. | 4.6 |
| 2022-03-08 | CVE-2022-26314 | Improper Restriction of Excessive Authentication Attempts vulnerability in Mendix Forgot Password A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3.3.0 < V3.5.1), Mendix Forgot Password Appstore module (Mendix 7 compatible) (All versions < V3.2.2). | 9.8 |
| 2022-01-28 | CVE-2021-22818 | Improper Restriction of Excessive Authentication Attempts vulnerability in Schneider-Electric products A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow an attacker to gain unauthorized access to the charging station web interface by performing brute force attacks. | 7.5 |
| 2022-01-25 | CVE-2021-43298 | Improper Restriction of Excessive Authentication Attempts vulnerability in Embedthis Goahead The code that performs password matching when using 'Basic' HTTP authentication does not use a constant-time memcmp and has no rate-limiting. | 9.8 |