CWE-307

Improper Restriction of Excessive Authentication Attempts

Parent: CWE-1390 - Weak Authentication

The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.

586 vulnerabilities with CWE-307
CVE-2013-1895 HIGH
py-bcrypt < 0.3 - Authentication Bypass via Concurrent Memory Access
CVSS 7.5
CVE-2013-4441 CRITICAL
pwgen 2.06 - Predictable Password Generation in Phonemes Mode
CVSS 9.8
CVE-2013-2228 HIGH
SaltStack 0.14.0-0.14.9 - RSA Key Generation Vulnerability
CVSS 8.1
CVE-2013-2257 HIGH
Cryptocat < 2.0.42 - Group Chat ECC Private Key Generation Brute Force Weakness
CVSS 7.5
CVE-2009-5140 HIGH
Linksys SPA2102 Firmware - Unauthenticated Credential Exposure via SIP Digest Leak
CVSS 8.8
CVE-2002-0628 HIGH
Polycom ViewStation < 7.2.4 - Unauthenticated Brute Force Attack via Telnet Service
CVSS 7.5
CVE-2001-1291 CRITICAL
3Com PS40 SuperStack II - Info Disclosure
CVSS 9.8
CVE-2001-0395 CRITICAL
Lightwave ConsoleServer 3200 Firmware - Unauthenticated Brute Force Password Guessing
CVSS 9.8
CVE-2001-1339 CRITICAL
Beck IPC@CHIP Firmware - Improper Restriction of Excessive Authentication Attempts in Telnet Service
CVSS 9.8
CVE-1999-1324 CRITICAL
VAXstations Open VMS <5.5-2 - Info Disclosure
CVSS 9.8
CVE-1999-1152 HIGH
Compaq/Microcom 6000 Access Integrator - Info Disclosure
CVSS 7.5