CVE-2024-49597

HIGH Year: 2024
CVSS v3 Score
7.2
High
Weakness Type
CWE-307
View all →

Vulnerability Description

Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Improper Restriction of Excessive Authentication Attempts vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass.

Related Vulnerabilities

CVE-2019-20881

HIGH
CVSS:7.3(High)

An issue was discovered in Mattermost Server before 5.8.0. It mishandles brute-force attacks against MFA.

CWE-3072019

CVE-2021-3412

HIGH
CVSS:7.3(High)

It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduc...

CWE-3072021

CVE-2022-2525

HIGH
CVSS:7.3(High)

Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20.

CWE-3072022

CVE-2023-2531

HIGH
CVSS:7.3(High)

Improper Restriction of Excessive Authentication Attempts in GitHub repository azuracast/azuracast prior to 0.18.3.

CWE-3072023

CVE-2023-45582

HIGH
CVSS:7.3(High)

An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiMail webmail version 7.2.0 through 7.2.4, 7.0.0 through 7.0.6 and before 6.4.8 may allow an unauthenticated...

CWE-3072023

CVE-2023-25818

HIGH
CVSS:7.1(High)

Nextcloud server is an open source, personal cloud implementation. In affected versions a malicious user could try to reset the password of another user and then brute force the 62^21 combinations for...

CWE-3072023