Vulnerabilities > Improper Restriction of Excessive Authentication Attempts

| Date | CVE | Vulnerability title | Description | Tags | Risk |
|---|---|---|---|---|---|
| 2020-07-29 | CVE-2019-20031 | Improper Restriction of Excessive Authentication Attempts vulnerability in NEC Um8000 Firmware and Um4730 Firmware | NEC UM8000, UM4730 and prior non-InMail voicemail systems with all known software versions may permit an infinite number of login attempts in the telephone user interface (TUI), effectively allowing brute force attacks. | network, low complexity, nec, CWE-307 | 6.4 |
| 2020-07-20 | CVE-2020-14494 | Improper Restriction of Excessive Authentication Attempts vulnerability in Openclinic GA Project Openclinic GA 5.09.02/5.89.05B | OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication mechanism within the system that does not provide sufficient complexity to protect against brute force attacks, which may allow unauthorized users to access the system after no more than a fixed maximum number of attempts. | network, low complexity, openclinic-ga-project, CWE-307 | 5.0 |
| 2020-07-20 | CVE-2020-14484 | Improper Restriction of Excessive Authentication Attempts vulnerability in Openclinic GA Project Openclinic GA 5.09.02/5.89.05B | OpenClinic GA versions 5.09.02 and 5.89.05b may allow an attacker to bypass the system’s account lockout protection, which may allow brute force password attacks. | network, low complexity, openclinic-ga-project, CWE-307 | 5.0 |
| 2020-07-07 | CVE-2020-15367 | Improper Restriction of Excessive Authentication Attempts vulnerability in Venki Supravizio BPM 10.1.2 | Venki Supravizio BPM 10.1.2 does not limit the number of authentication attempts. | network, low complexity, venki, CWE-307 | 5.0 |
| 2020-06-16 | CVE-2020-7508 | Improper Restriction of Excessive Authentication Attempts vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2 | A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to gain full access by brute force. | network, low complexity, schneider-electric, CWE-307 | 5.0 |
| 2020-06-09 | CVE-2020-13872 | Improper Restriction of Excessive Authentication Attempts vulnerability in Royalapps Royal TS | Royal TS before 5 has a 0.0.0.0 listener, which makes it easier for attackers to bypass tunnel authentication via a brute-force approach. | low complexity, royalapps, CWE-307 | 3.3 |
| 2020-06-04 | CVE-2020-13805 | Improper Restriction of Excessive Authentication Attempts vulnerability in Foxitsoftware Phantompdf | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. | network, low complexity, foxitsoftware, CWE-307 | 5.0 |
| 2020-06-04 | CVE-2020-4193 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security Guardium 11.1 | IBM Security Guardium 11.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | network, low complexity, ibm, CWE-307 | 5.0 |
| 2020-05-07 | CVE-2020-11052 | Improper Restriction of Excessive Authentication Attempts vulnerability in Sorcery Project Sorcery | In Sorcery before 0.15.0, there is a brute force vulnerability when using password authentication via Sorcery. | network, low complexity, sorcery-project, CWE-307 | 5.0 |
| 2020-05-04 | CVE-2020-10876 | Improper Restriction of Excessive Authentication Attempts vulnerability in Oklok Project Oklok 3.1.1 | The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) does not correctly implement its timeout on the four-digit verification code that is required for resetting passwords, nor does it properly restrict excessive verification attempts. | network, low complexity, oklok-project, CWE-307 | 5.0 |