Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-14 | CVE-2020-13312 | Improper Restriction of Excessive Authentication Attempts vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 9.8 |
| 2020-09-09 | CVE-2020-15786 | Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Basic Panels 2nd Generation (incl. | 9.8 |
| 2020-08-31 | CVE-2020-7525 | Improper Restriction of Excessive Authentication Attempts vulnerability in Schneider-Electric Spacelynk Firmware and Wiser for KNX Firmware Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an attacker to guess a password when brute force is used. | 7.5 |
| 2020-08-31 | CVE-2020-12645 | Improper Restriction of Excessive Authentication Attempts vulnerability in Open-Xchange Appsuite 7.10.1 OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption. | 9.8 |
| 2020-08-26 | CVE-2020-13617 | Improper Restriction of Excessive Authentication Attempts vulnerability in Mitel products The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts. | 7.5 |
| 2020-08-26 | CVE-2020-24007 | Improper Restriction of Excessive Authentication Attempts vulnerability in Umanni Human Resources 1.0 Umanni RH 1.0 does not limit the number of authentication attempts. | 9.8 |
| 2020-07-30 | CVE-2020-8202 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Preferred Providers 1.6.0 Improper check of inputs in Nextcloud Preferred Providers app v1.6.0 allowed to perform a denial of service attack when using a very long password. | 5.3 |
| 2020-07-29 | CVE-2019-20031 | Improper Restriction of Excessive Authentication Attempts vulnerability in NEC Um4730 Firmware and Um8000 Firmware NEC UM8000, UM4730 and prior non-InMail voicemail systems with all known software versions may permit an infinite number of login attempts in the telephone user interface (TUI), effectively allowing brute force attacks. | 9.1 |
| 2020-07-29 | CVE-2020-4567 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security KEY Lifecycle Manager 3.0.1/4.0 IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 9.8 |
| 2020-07-22 | CVE-2020-4400 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Verify Gateway 1.0.0/1.0.1 IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 7.5 |