Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-09 | CVE-2024-39873 | Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens Sinema Remote Connect Server. A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). | 7.5 |
2024-06-11 | CVE-2024-28022 | Improper Restriction of Excessive Authentication Attempts vulnerability in Hitachienergy Foxman-Un and Unem. A vulnerability exists in the UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of authentication attempts using different passwords, and eventually gain access to other components in the same security realm using the targeted account. | 6.5 |
2024-06-10 | CVE-2024-28833 | Improper Restriction of Excessive Authentication Attempts vulnerability in Checkmk 2.3.0. Improper restriction of excessive authentication attempts with two factor authentication methods in Checkmk 2.3 before 2.3.0p6 facilitates brute-forcing of second factor mechanisms. | 7.5 |
2024-05-14 | CVE-2024-3461 | Improper Restriction of Excessive Authentication Attempts vulnerability in Kioware. KioWare for Windows (versions all through 8.35) allows brute-forcing of the PIN number, which protects the application from being closed, as there are no mechanisms preventing a user from excessively guessing the number. | 5.5 |
2024-04-26 | CVE-2024-32868 | Improper Restriction of Excessive Authentication Attempts vulnerability in Zitadel. ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email. | 8.1 |
2024-04-24 | CVE-2024-28825 | Improper Restriction of Excessive Authentication Attempts vulnerability in Checkmk. Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 (beta), 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 (EOL) facilitates password brute-forcing. | 9.8 |
2024-03-18 | CVE-2024-21662 | Improper Restriction of Excessive Authentication Attempts vulnerability in Argoproj Argo CD. Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 9.1 |
2024-03-18 | CVE-2024-21652 | Improper Restriction of Excessive Authentication Attempts vulnerability in Argoproj Argo CD. Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 9.8 |
2024-02-09 | CVE-2023-45190 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Engineering Lifecycle Optimization 7.0.2/7.0.3. IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 6.1 |
2024-01-25 | CVE-2023-33759 | Improper Restriction of Excessive Authentication Attempts vulnerability in Splicecom Maximiser Soft PBX. SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack. | 9.8 |