Vulnerabilities > Improper Restriction of Excessive Authentication Attempts

DATE CVE VULNERABILITY TITLE RISK
2023-04-18 CVE-2022-43377 Improper Restriction of Excessive Authentication Attempts vulnerability in Schneider-Electric products
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover when a brute force attack is performed on the account. Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0 and prior)
network | low complexity | schneider-electric | CWE-307 | Risk: 7.5
2023-04-15 CVE-2022-2525 Improper Restriction of Excessive Authentication Attempts vulnerability in Calibre-Web Project Calibre-Web
Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20.
network | low complexity | calibre-web-project | CWE-307 | Risk: critical, 9.8
2023-04-14 CVE-2023-26756 Improper Restriction of Excessive Authentication Attempts vulnerability in Revive Adserver 5.4.1
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks.
network | low complexity | revive | CWE-307 | Risk: 7.5
2023-04-13 CVE-2023-27746 Improper Restriction of Excessive Authentication Attempts vulnerability in Blackvue Dr750-2Ch IR LTE Firmware and Dr750-2Ch LTE Firmware
BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase which can be easily cracked via a brute force attack if the WPA2 handshake is intercepted.
network | low complexity | blackvue | CWE-307 | Risk: critical, 9.8
2023-04-11 CVE-2022-43947 Improper Restriction of Excessive Authentication Attempts vulnerability in Fortinet Fortios and Fortiproxy
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions.
network | low complexity | fortinet | CWE-307 | Risk: 8.8
2023-03-21 CVE-2023-1539 Improper Restriction of Excessive Authentication Attempts vulnerability in Answer
Improper Restriction of Excessive Authentication Attempts in GitHub repository answerdev/answer prior to 1.0.6.
network | low complexity | answer | CWE-307 | Risk: 5.3
2023-03-09 CVE-2022-29056 Improper Restriction of Excessive Authentication Attempts vulnerability in Fortinet Fortimail
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiMail version 6.4.0, version 6.2.0 through 6.2.4 and before 6.0.9 allows a remote unauthenticated attacker to partially exhaust CPU and memory via sending numerous HTTP requests to the login form.
network | low complexity | fortinet | CWE-307 | Risk: 5.3
2023-03-09 CVE-2023-26208 Improper Restriction of Excessive Authentication Attempts vulnerability in Fortinet Fortiauthenticator
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiAuthenticator 6.4.x and before allows a remote unauthenticated attacker to partially exhaust CPU and memory via sending numerous HTTP requests to the login form.
network | low complexity | fortinet | CWE-307 | Risk: 5.3
2023-03-09 CVE-2023-26209 Improper Restriction of Excessive Authentication Attempts vulnerability in Fortinet Fortideceptor
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiDeceptor 3.1.x and before allows a remote unauthenticated attacker to partially exhaust CPU and memory via sending numerous HTTP requests to the login form.
network | low complexity | fortinet | CWE-307 | Risk: 5.3
2023-03-02 CVE-2023-1101 Improper Restriction of Excessive Authentication Attempts vulnerability in Sonicwall Sonicos
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.
network | low complexity | sonicwall | CWE-307 | Risk: 8.8