Vulnerabilities > Improper Restriction of Excessive Authentication Attempts

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2022-10-17 | CVE-2022-40055 | Improper Restriction of Excessive Authentication Attempts vulnerability in Gxgroup Gpon ONT Titanium 2122A Firmware T2122V1.26Exl | An issue in GX Group GPON ONT Titanium 2122A T2122-V1.26EXL allows attackers to escalate privileges via a brute force attack at the login page. | network | low | gxgroup | CWE-307 | critical 9.8 |
| 2022-10-12 | CVE-2022-31228 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dell Xtremio Management Server 6.3.0/6.3.38 | Dell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability. | network | low | dell | CWE-307 | critical 9.8 |
| 2022-10-12 | CVE-2022-33106 | Improper Restriction of Excessive Authentication Attempts vulnerability in Wijungle U250 Firmware | WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the attacker to brute force the admin password leading to Account Take Over. | network | low | wijungle | CWE-307 | critical 9.8 |
| 2022-09-28 | CVE-2022-36781 | Improper Restriction of Excessive Authentication Attempts vulnerability in Connectwise Screenconnect | ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to inadequate rate-limiting controls in the default configuration. | network | low | connectwise | CWE-307 | 5.3 |
| 2022-09-20 | CVE-2022-33735 | Improper Restriction of Excessive Authentication Attempts vulnerability in Huawei Ws7200-10 Firmware 11.0.2.13 | There is a password verification vulnerability in WS7200-10 11.0.2.13. | | low | huawei | CWE-307 | 6.5 |
| 2022-09-08 | CVE-2022-37144 | Improper Restriction of Excessive Authentication Attempts vulnerability in Plextrac | The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission attempts. | network | low | plextrac | CWE-307 | 8.8 |
| 2022-09-08 | CVE-2022-37145 | Improper Restriction of Excessive Authentication Attempts vulnerability in Plextrac | The PlexTrac platform prior to version 1.17.0 does not restrict excessive authentication attempts for accounts configured to use the PlexTrac authentication provider. | network | low | plextrac | CWE-307 | 7.5 |
| 2022-08-15 | CVE-2022-2822 | Improper Restriction of Excessive Authentication Attempts vulnerability in Octoprint | An attacker can freely brute force username and password and can take over any account. | network | low | octoprint | CWE-307 | 7.5 |
| 2022-08-12 | CVE-2022-35932 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Talk | Nextcloud Talk is a video and audio conferencing app for Nextcloud. | network | low | nextcloud | CWE-307 | 5.3 |
| 2022-08-10 | CVE-2022-2457 | Improper Restriction of Excessive Authentication Attempts vulnerability in Redhat Process Automation Manager 7.0/7.5.1 | A flaw was found in Red Hat Process Automation Manager 7 where an attacker can benefit from a brute force attack against Administration Console as the application does not limit the number of unsuccessful login attempts. | network | low | redhat | CWE-307 | critical 9.8 |