CVE-2024-24721

MEDIUM Year: 2024
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-307
View all →

Vulnerability Description

An issue was discovered on Innovaphone PBX before 14r1 devices. The password form, used to authenticate, allows a Brute Force Attack through which an attacker may be able to access the administration panel

Related Vulnerabilities

CVE-2018-19021

MEDIUM
CVSS:6.5(Medium)

A specially crafted script could bypass the authentication of a maintenance port of Emerson DeltaV DCS Versions 11.3.1, 11.3.2, 12.3.1, 13.3.1, 14.3, R5.1, R6 and prior, which may allow an attacker to...

CWE-3072018

CVE-2019-18917

MEDIUM
CVSS:6.5(Medium)

A potential security vulnerability has been identified for certain HP Printers and All-in-Ones that would allow bypassing account lockout.

CWE-3072019

CVE-2020-28206

MEDIUM
CVSS:6.5(Medium)

An issue was discovered in Bitrix24 Bitrix Framework (1c site management) 20.0. An "User enumeration and Improper Restriction of Excessive Authentication Attempts" vulnerability exists in the admin lo...

CWE-3072020

CVE-2020-29136

MEDIUM
CVSS:6.5(Medium)

In cPanel before 90.0.17, 2FA can be bypassed via a brute-force approach (SEC-575).

CWE-3072020

CVE-2021-20635

MEDIUM
CVSS:6.5(Medium)

Improper restriction of excessive authentication attempts in LOGITEC LAN-WH450N/GR allows an attacker in the wireless range of the device to recover PIN and access the network.

CWE-3072021

CVE-2021-29987

MEDIUM
CVSS:6.5(Medium)

After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, ...

CWE-3072021