Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-07 | CVE-2019-4068 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM products IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnerable to user enumeration, allowing an attacker to brute force into the system. | 7.5 |
| 2019-06-04 | CVE-2019-5217 | Improper Restriction of Excessive Authentication Attempts vulnerability in Huawei Mate 9 PRO Firmware There is an information disclosure vulnerability on Mate 9 Pro Huawei smartphones versions earlier than LON-AL00B9.0.1.150 (C00E61R1P8T8). | 4.6 |
| 2019-04-10 | CVE-2019-0039 | Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Junos If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. | 8.1 |
| 2019-04-03 | CVE-2019-5421 | Improper Restriction of Excessive Authentication Attempts vulnerability in Plataformatec Devise Plataformatec Devise version 4.5.0 and earlier, using the lockable module contains a CWE-367 vulnerability in The `Devise::Models::Lockable` class, more specifically at the `#increment_failed_attempts` method. | 9.8 |
| 2019-03-28 | CVE-2018-19879 | Improper Restriction of Excessive Authentication Attempts vulnerability in Teltonika Rut950 Firmware R31.04.89 An issue was discovered in /cgi-bin/luci on Teltonika RTU9XX (e.g., RUT950) R_31.04.89 before R_00.05.00.5 devices. | 9.8 |
| 2019-03-05 | CVE-2019-6524 | Improper Restriction of Excessive Authentication Attempts vulnerability in Moxa products Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force attack. | 9.8 |
| 2019-01-25 | CVE-2018-19021 | Improper Restriction of Excessive Authentication Attempts vulnerability in Emerson Deltav A specially crafted script could bypass the authentication of a maintenance port of Emerson DeltaV DCS Versions 11.3.1, 11.3.2, 12.3.1, 13.3.1, 14.3, R5.1, R6 and prior, which may allow an attacker to cause a denial of service. | 6.5 |
| 2018-11-26 | CVE-2018-19548 | Improper Restriction of Excessive Authentication Attempts vulnerability in Rudrasoftech Edusec index.php?r=site%2Flogin in EduSec through 4.2.6 does not restrict sending a series of LoginForm[username] and LoginForm[password] parameters, which might make it easier for remote attackers to obtain access via a brute-force approach. | 9.8 |
| 2018-11-19 | CVE-2018-15759 | Improper Restriction of Excessive Authentication Attempts vulnerability in Pivotal Software Broker API and on Demand Services SDK Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method of verifying credentials. | 9.8 |
| 2018-11-13 | CVE-2018-14657 | Improper Restriction of Excessive Authentication Attempts vulnerability in Redhat Keycloak and Single Sign-On A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. | 8.1 |