Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2019-04-10 | CVE-2019-0039 | Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Junos | If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. | 8.1 |
2019-04-03 | CVE-2019-5421 | Improper Restriction of Excessive Authentication Attempts vulnerability in Plataformatec Devise | Plataformatec Devise version 4.5.0 and earlier, using the lockable module, contains a CWE-367 vulnerability in the `Devise::Models::Lockable` class, more specifically at the `#increment_failed_attempts` method. | 9.8 |
2019-03-28 | CVE-2018-19879 | Improper Restriction of Excessive Authentication Attempts vulnerability in Teltonika Rut950 Firmware R31.04.89 | An issue was discovered in /cgi-bin/luci on Teltonika RTU9XX (e.g., RUT950) R_31.04.89 before R_00.05.00.5 devices. | 9.8 |
2019-03-05 | CVE-2019-6524 | Improper Restriction of Excessive Authentication Attempts vulnerability in Moxa products | Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force attack. | 9.8 |
2019-01-25 | CVE-2018-19021 | Improper Restriction of Excessive Authentication Attempts vulnerability in Emerson Deltav | A specially crafted script could bypass the authentication of a maintenance port of Emerson DeltaV DCS Versions 11.3.1, 11.3.2, 12.3.1, 13.3.1, 14.3, R5.1, R6 and prior, which may allow an attacker to cause a denial of service. | 6.5 |
2018-11-26 | CVE-2018-19548 | Improper Restriction of Excessive Authentication Attempts vulnerability in Rudrasoftech Edusec | index.php?r=site%2Flogin in EduSec through 4.2.6 does not restrict sending a series of LoginForm[username] and LoginForm[password] parameters, which might make it easier for remote attackers to obtain access via a brute-force approach. | 9.8 |
2018-11-19 | CVE-2018-15759 | Improper Restriction of Excessive Authentication Attempts vulnerability in Pivotal Software Broker API and on Demand Services SDK | Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method of verifying credentials. | 9.8 |
2018-11-13 | CVE-2018-14657 | Improper Restriction of Excessive Authentication Attempts vulnerability in Redhat Keycloak and Single Sign-On | A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. | 8.1 |
2018-10-05 | CVE-2018-11082 | Improper Restriction of Excessive Authentication Attempts vulnerability in Pivotal Software Cloudfoundry UAA Release | Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior to 61.0, allows brute forcing of MFA codes. | 9.8 |
2018-06-29 | CVE-2018-12993 | Improper Restriction of Excessive Authentication Attempts vulnerability in Onefilecms | onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to conduct brute-force attacks via the onefilecms_username and onefilecms_password fields. | 9.8 |