Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-11 | CVE-2020-12752 | Improper Restriction of Excessive Authentication Attempts vulnerability in Google Android 10.0/9.0 An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. | 7.5 |
| 2020-05-07 | CVE-2020-11052 | Improper Restriction of Excessive Authentication Attempts vulnerability in Sorcery Project Sorcery In Sorcery before 0.15.0, there is a brute force vulnerability when using password authentication via Sorcery. | 9.8 |
| 2020-05-04 | CVE-2020-10876 | Improper Restriction of Excessive Authentication Attempts vulnerability in Oklok Project Oklok 3.1.1 The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) does not correctly implement its timeout on the four-digit verification code that is required for resetting passwords, nor does it properly restrict excessive verification attempts. | 7.5 |
| 2020-04-21 | CVE-2019-17525 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dlink Dir-615 Firmware 20.10 The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks. | 8.8 |
| 2020-04-08 | CVE-2020-11650 | Improper Restriction of Excessive Authentication Attempts vulnerability in Ixsystems Freenas Firmware and Truenas Firmware An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before 11.2-u8 and 11.3 before 11.3-U1. | 7.5 |
| 2020-04-08 | CVE-2020-8827 | Improper Restriction of Excessive Authentication Attempts vulnerability in Argoproj Argo CD As of v1.5.0, the Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures. | 7.5 |
| 2020-04-08 | CVE-2020-1616 | Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper products Due to insufficient server-side login attempt limit enforcement, a vulnerability in the SSH login service of Juniper Networks Juniper Advanced Threat Prevention (JATP) Series and Virtual JATP (vJATP) devices allows an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured login attempt limit. | 5.3 |
| 2020-04-07 | CVE-2019-4393 | Improper Restriction of Excessive Authentication Attempts vulnerability in Hcltech Appscan 10.0.0/9.0.3.13/9.0.3.14 HCL AppScan Standard is vulnerable to excessive authorization attempts | 9.8 |
| 2020-04-02 | CVE-2020-6852 | Improper Restriction of Excessive Authentication Attempts vulnerability in Cacagoo Tv-288Zd-2Mp Firmware 3.4.2.0919 CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmware 3.4.2.0919 has weak authentication of TELNET access, leading to root privileges without any password required. | 9.8 |
| 2020-03-24 | CVE-2020-10849 | Improper Restriction of Excessive Authentication Attempts vulnerability in Google Android An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos7885, Exynos8895, and Exynos9810 chipsets) software. | 9.8 |