Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-19 | CVE-2022-24402 | Improper Restriction of Excessive Authentication Attempts vulnerability in Midnightblue Tetra:Burst The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystream generation phase, which is insufficient to safeguard against exhaustive search attacks. | 7.5 |
| 2023-10-11 | CVE-2023-44111 | Improper Restriction of Excessive Authentication Attempts vulnerability in Huawei Emui and Harmonyos Vulnerability of brute-force attacks on the device authentication module.Successful exploitation of this vulnerability may affect service confidentiality. | 7.5 |
| 2023-10-11 | CVE-2023-44096 | Improper Restriction of Excessive Authentication Attempts vulnerability in Huawei Emui and Harmonyos Vulnerability of brute-force attacks on the device authentication module.Successful exploitation of this vulnerability may affect service confidentiality. | 7.5 |
| 2023-10-09 | CVE-2023-43699 | Improper Restriction of Excessive Authentication Attempts vulnerability in Sick Apu0200 Firmware Improper Restriction of Excessive Authentication Attempts in RDT400 in SICK APU allows an unprivileged remote attacker to guess the password via trial-and-error as the login attempts are not limited. | 7.5 |
| 2023-09-27 | CVE-2023-42818 | Improper Restriction of Excessive Authentication Attempts vulnerability in Fit2Cloud Jumpserver JumpServer is an open source bastion host. | 9.8 |
| 2023-09-12 | CVE-2023-40834 | Improper Restriction of Excessive Authentication Attempts vulnerability in Opencart 4.0.2.2 OpenCart CMS v4.0.2.2 was discovered to lack a protective mechanism on its login page against excessive login attempts, allowing unauthenticated attackers to gain access to the application via a brute force attack to the password parameter. | 9.8 |
| 2023-08-28 | CVE-2023-26271 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Guardium Cloud KEY Manager IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 7.5 |
| 2023-08-28 | CVE-2022-43904 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security Guardium 11.3/11.4 IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. | 7.5 |
| 2023-08-24 | CVE-2023-40706 | Improper Restriction of Excessive Authentication Attempts vulnerability in Opto22 Snap PAC S1 Firmware R10.3B There is no limit on the number of login attempts in the web server for the SNAP PAC S1 Firmware version R10.3b. | 9.8 |
| 2023-07-25 | CVE-2023-3548 | Improper Restriction of Excessive Authentication Attempts vulnerability in Johnsoncontrols IQ Wifi 6 Firmware An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack. | 9.8 |