Fallos del tipo CWE-307
409 resultadosCVE-2023-29301HIGHAdobe ColdFusion Improper Restriction of Excessive Authentication Attempts Security feature bypassEPSS 29.1%CVE-2016-9361CRITICALAn issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions pEPSS 20.2%CVE-2024-39225CRITICALGL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16,EPSS 14.5%CVE-2023-27100CRITICALImproper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CEEPSS 9.8%CVE-2017-7898CRITICALAn Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 progrEPSS 5.1%CVE-2014-5414CRITICALBeckhoff Embedded PC Images and TwinCAT Components Improper Restriction of Excessive Authentication AttemptsEPSS 4.8%CVE-2022-30076MEDIUMENTAB ERP 1.0 allows attackers to discover users' full names via a brute force attack with a series of student usernames such as s10000 throEPSS 3.5%CVE-2025-67091MEDIUMAn issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custom opkg wraEPSS 3.0%CVE-2018-5469—An Improper Restriction of Excessive Authentication Attempts issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACHEPSS 2.9%CVE-2019-6524—Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to disEPSS 2.7%CVE-2021-33190—Bypass network access controlEPSS 2.7%CVE-2020-28212—A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (nEPSS 2.6%CVE-2016-9366CRITICALAn issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions pEPSS 2.4%CVE-2016-9124—Revive Adserver before 3.2.3 suffers from Improper Restriction of Excessive Authentication Attempts. The login page of Revive Adserver is vuEPSS 2.2%CVE-2023-36434CRITICALWindows IIS Server Elevation of Privilege VulnerabilityEPSS 2.2%CVE-2019-3746CRITICALDell EMC Integrated Data Protection Appliance versions prior to 2.3 do not limit the number of authentication attempts to the ACM API. An auEPSS 2.1%CVE-2019-3766HIGHDell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive authentication attempts vulnerability. An unauthenticateEPSS 1.9%CVE-2017-15887—An improper restriction of excessive authentication attempts vulnerability in /principals in Synology CardDAV Server before 6.0.7-0085 allowEPSS 1.9%CVE-2021-41171MEDIUMBypass bruteforce protection on login form in elabftwEPSS 1.9%CVE-2023-21709CRITICALMicrosoft Exchange Server Elevation of Privilege VulnerabilityEPSS 1.9%