Vulnerabilities > Improper Restriction of Excessive Authentication Attempts

DATE CVE VULNERABILITY TITLE RISK
2024-08-13 CVE-2024-41904 Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens Sinec Traffic Analyzer
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0).
network
low complexity
siemens CWE-307
7.5
2024-08-06 CVE-2024-39225 Improper Restriction of Excessive Authentication Attempts vulnerability in Gl-Inet products
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a remote code execution (RCE) vulnerability.
network
low complexity
gl-inet CWE-307
critical
9.8
2024-07-12 CVE-2024-39917 Improper Restriction of Excessive Authentication Attempts vulnerability in Neutrinolabs Xrdp
xrdp is an open source RDP server.
network
low complexity
neutrinolabs CWE-307
critical
9.8
2024-07-09 CVE-2024-39873 Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens Sinema Remote Connect Server
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).
network
low complexity
siemens CWE-307
7.5
2024-06-11 CVE-2024-28022 Improper Restriction of Excessive Authentication Attempts vulnerability in Hitachienergy Foxman-Un and Unem
A vulnerability exists in the UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of authentication attempts using different passwords, and eventually gain access to other components in the same security realm using the targeted account.
network
high complexity
hitachienergy CWE-307
6.5
2024-06-10 CVE-2024-28833 Improper Restriction of Excessive Authentication Attempts vulnerability in Checkmk 2.3.0
Improper restriction of excessive authentication attempts with two factor authentication methods in Checkmk 2.3 before 2.3.0p6 facilitates brute-forcing of second factor mechanisms.
network
low complexity
checkmk CWE-307
7.5
2024-06-04 CVE-2023-48318 Improper Restriction of Excessive Authentication Attempts vulnerability in Codepeople Contact Form Email
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Contact Form Email allows Functionality Bypass.This issue affects Contact Form Email: from n/a through 1.3.41.
network
low complexity
codepeople CWE-307
6.5
2024-05-14 CVE-2024-3461 Improper Restriction of Excessive Authentication Attempts vulnerability in Kioware
KioWare for Windows (versions all through 8.35) allows to brute force the PIN number, which protects the application from being closed, as there are no mechanisms preventing a user from excessively guessing the number.
local
low complexity
kioware CWE-307
5.5
2024-04-26 CVE-2024-32868 Improper Restriction of Excessive Authentication Attempts vulnerability in Zitadel
ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email.
network
low complexity
zitadel CWE-307
8.1
2024-04-24 CVE-2024-28825 Improper Restriction of Excessive Authentication Attempts vulnerability in Checkmk
Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 (beta), 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 (EOL) facilitates password brute-forcing.
network
low complexity
checkmk CWE-307
critical
9.8