CWE-307
Improper Restriction of Excessive Authentication Attempts
The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
CVE-2020-1616 (GCVE-0-2020-1616)
Vulnerability from cvelistv5 – Published: 2020-04-08 19:25 – Updated: 2024-09-17 00:01
VLAI
Title
JATP Series: JATP Is susceptible to slow brute force attacks on the SSH service.
Summary
Due to insufficient server-side login attempt limit enforcement, a vulnerability in the SSH login service of Juniper Networks Juniper Advanced Threat Prevention (JATP) Series and Virtual JATP (vJATP) devices allows an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured login attempt limit. Successful exploitation will allow the attacker to perform brute-force password attacks on the SSH service. This issue affects: Juniper Networks JATP and vJATP versions prior to 5.0.6.0.
Severity
5.3 (Medium)
CWE
- Brute-force password attack
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
- Insufficient Server-side login attempt limit enforcement
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://kb.juniper.net/JSA10999 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | JATP |
Affected:
unspecified , < 5.0.6.0
(custom)
|
Date Public
2020-04-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:29.976Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10999"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"JATP Series, vJATP"
],
"product": "JATP",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "5.0.6.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Due to insufficient server-side login attempt limit enforcement, a vulnerability in the SSH login service of Juniper Networks Juniper Advanced Threat Prevention (JATP) Series and Virtual JATP (vJATP) devices allows an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured login attempt limit. Successful exploitation will allow the attacker to perform brute-force password attacks on the SSH service. This issue affects: Juniper Networks JATP and vJATP versions prior to 5.0.6.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Brute-force password attack",
"lang": "en",
"type": "text"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Insufficient Server-side login attempt limit enforcement",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-08T19:25:53.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.juniper.net/JSA10999"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: JATP-OS All-In-One version 5.0.6.0 and subsequent releases, and JATP-OS Core 5.0.6.0 and subsequent releases."
}
],
"source": {
"advisory": "JSA10999",
"defect": [
"1365233"
],
"discovery": "INTERNAL"
},
"title": "JATP Series: JATP Is susceptible to slow brute force attacks on the SSH service.",
"workarounds": [
{
"lang": "en",
"value": "There are no known workarounds for this issue. \nUtilize common security BCPs to limit the exploitable surface by limiting access to network and device to trusted systems, administrators, networks and hosts."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2020-04-08T13:00:00.000Z",
"ID": "CVE-2020-1616",
"STATE": "PUBLIC",
"TITLE": "JATP Series: JATP Is susceptible to slow brute force attacks on the SSH service."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "JATP",
"version": {
"version_data": [
{
"platform": "JATP Series, vJATP",
"version_affected": "\u003c",
"version_value": "5.0.6.0"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Due to insufficient server-side login attempt limit enforcement, a vulnerability in the SSH login service of Juniper Networks Juniper Advanced Threat Prevention (JATP) Series and Virtual JATP (vJATP) devices allows an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured login attempt limit. Successful exploitation will allow the attacker to perform brute-force password attacks on the SSH service. This issue affects: Juniper Networks JATP and vJATP versions prior to 5.0.6.0."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Brute-force password attack"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-307 Improper Restriction of Excessive Authentication Attempts"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Insufficient Server-side login attempt limit enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10999",
"refsource": "MISC",
"url": "https://kb.juniper.net/JSA10999"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: JATP-OS All-In-One version 5.0.6.0 and subsequent releases, and JATP-OS Core 5.0.6.0 and subsequent releases."
}
],
"source": {
"advisory": "JSA10999",
"defect": [
"1365233"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "There are no known workarounds for this issue. \nUtilize common security BCPs to limit the exploitable surface by limiting access to network and device to trusted systems, administrators, networks and hosts."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2020-1616",
"datePublished": "2020-04-08T19:25:53.879Z",
"dateReserved": "2019-11-04T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:01:04.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-25196 (GCVE-0-2020-25196)
Vulnerability from cvelistv5 – Published: 2020-12-23 14:08 – Updated: 2024-09-17 00:37
VLAI
Title
MOXA NPort IAW5000A-I/O Series
Summary
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH/Telnet sessions, which may be vulnerable to brute force attacks to bypass authentication.
Severity
9.8 (Critical)
CWE
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsa-20-287-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| MOXA | NPort IAW5000A-I/O |
Affected:
unspecified , ≤ Version 2.1
(custom)
|
Date Public
2020-10-13 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:33:04.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-287-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NPort IAW5000A-I/O",
"vendor": "MOXA",
"versions": [
{
"lessThanOrEqual": "Version 2.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Evgeniy Druzhinin and Ilya Karpov of Rostelecom-Solar reported these vulnerabilities to CISA"
}
],
"datePublic": "2020-10-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH/Telnet sessions, which may be vulnerable to brute force attacks to bypass authentication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-23T14:08:41.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-287-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Moxa has released an updated firmware version (https://www.moxa.com/en/support/product-support/software-and-documentation/search?psid=50535) for the NPort IAW5000A-I/O Series and recommends (https://www.moxa.com/en/support/support/security-advisory/nport-iaw5000a-io-serial-device-servers-vulnerabilities) users install this update on all affected systems."
}
],
"source": {
"advisory": "ICSA-20-287-01 - MOXA NPort IAW5000A-I/O Series",
"discovery": "EXTERNAL"
},
"title": "MOXA NPort IAW5000A-I/O Series",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2020-10-13T00:00:00.000Z",
"ID": "CVE-2020-25196",
"STATE": "PUBLIC",
"TITLE": "MOXA NPort IAW5000A-I/O Series"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NPort IAW5000A-I/O",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "Version 2.1"
}
]
}
}
]
},
"vendor_name": "MOXA"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Evgeniy Druzhinin and Ilya Karpov of Rostelecom-Solar reported these vulnerabilities to CISA"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH/Telnet sessions, which may be vulnerable to brute force attacks to bypass authentication."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-307: Improper Restriction of Excessive Authentication Attempts"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-287-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-287-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Moxa has released an updated firmware version (https://www.moxa.com/en/support/product-support/software-and-documentation/search?psid=50535) for the NPort IAW5000A-I/O Series and recommends (https://www.moxa.com/en/support/support/security-advisory/nport-iaw5000a-io-serial-device-servers-vulnerabilities) users install this update on all affected systems."
}
],
"source": {
"advisory": "ICSA-20-287-01 - MOXA NPort IAW5000A-I/O Series",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-25196",
"datePublished": "2020-12-23T14:08:41.583Z",
"dateReserved": "2020-09-04T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:37:03.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-28212 (GCVE-0-2020-28212)
Vulnerability from cvelistv5 – Published: 2020-11-19 21:03 – Updated: 2024-08-04 16:33
VLAI
Summary
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when a brute force attack is done over Modbus.
Severity
No CVSS data available.
CWE
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.se.com/ww/en/download/document/SEVD-2… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) |
Affected:
PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:33:58.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-07"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PLC Simulator on EcoStruxure\u00aa Control Expert (now Unity Pro) (all versions)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "PLC Simulator on EcoStruxure\u00aa Control Expert (now Unity Pro) (all versions)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxure\u00aa Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when a brute force attack is done over Modbus."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-19T21:03:43.000Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-07"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2020-28212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PLC Simulator on EcoStruxure\u00aa Control Expert (now Unity Pro) (all versions)",
"version": {
"version_data": [
{
"version_value": "PLC Simulator on EcoStruxure\u00aa Control Expert (now Unity Pro) (all versions)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxure\u00aa Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when a brute force attack is done over Modbus."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-307: Improper Restriction of Excessive Authentication Attempts"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-315-07",
"refsource": "MISC",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-07"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2020-28212",
"datePublished": "2020-11-19T21:03:43.000Z",
"dateReserved": "2020-11-05T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:33:58.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-37228 (GCVE-0-2020-37228)
Vulnerability from cvelistv5 – Published: 2026-05-16 15:25 – Updated: 2026-05-18 17:53
VLAI
Title
iDS6 DSSPro Digital Signage System 6.2 CAPTCHA Security Bypass
Summary
iDS6 DSSPro Digital Signage System 6.2 contains a CAPTCHA security bypass vulnerability that allows attackers to bypass authentication by requesting the autoLoginVerifyCode object. Attackers can retrieve valid CAPTCHA codes via the login endpoint and use them to perform brute-force attacks against user accounts.
Severity
9.8 (Critical)
CWE
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/48991 | exploit |
| https://www.zeroscience.mk/en/vulnerabilities/ZSL… | vendor-advisory |
| http://www.yerootech.com | product |
| https://www.vulncheck.com/advisories/ids6-dsspro-… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Yerootech | iDS6 DSSPro Digital Signage System |
Affected:
6.2
|
Date Public
2020-07-16 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-37228",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-18T17:39:52.553812Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-18T17:53:37.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iDS6 DSSPro Digital Signage System",
"vendor": "Yerootech",
"versions": [
{
"status": "affected",
"version": "6.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"datePublic": "2020-07-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "iDS6 DSSPro Digital Signage System 6.2 contains a CAPTCHA security bypass vulnerability that allows attackers to bypass authentication by requesting the autoLoginVerifyCode object. Attackers can retrieve valid CAPTCHA codes via the login endpoint and use them to perform brute-force attacks against user accounts."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-16T15:25:46.353Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-48991",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/48991"
},
{
"name": "Vulnerability Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5607.php"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "http://www.yerootech.com"
},
{
"name": "VulnCheck Advisory: iDS6 DSSPro Digital Signage System 6.2 CAPTCHA Security Bypass",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/ids6-dsspro-digital-signage-system-captcha-security-bypass"
}
],
"title": "iDS6 DSSPro Digital Signage System 6.2 CAPTCHA Security Bypass",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2020-37228",
"datePublished": "2026-05-16T15:25:46.353Z",
"dateReserved": "2026-05-15T13:32:05.022Z",
"dateUpdated": "2026-05-18T17:53:37.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-7508 (GCVE-0-2020-7508)
Vulnerability from cvelistv5 – Published: 2020-06-16 19:44 – Updated: 2024-08-04 09:33
VLAI
Summary
A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to gain full access by brute force.
Severity
No CVSS data available.
CWE
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.se.com/ww/en/download/document/SEVD-2… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Easergy T300 (Firmware version 1.5.2 and older) |
Affected:
Easergy T300 (Firmware version 1.5.2 and older)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Easergy T300 (Firmware version 1.5.2 and older)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Easergy T300 (Firmware version 1.5.2 and older)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to gain full access by brute force."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-16T19:44:18.000Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2020-7508",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Easergy T300 (Firmware version 1.5.2 and older)",
"version": {
"version_data": [
{
"version_value": "Easergy T300 (Firmware version 1.5.2 and older)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to gain full access by brute force."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-307 Improper Restriction of Excessive Authentication Attempts"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04",
"refsource": "MISC",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-161-04"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2020-7508",
"datePublished": "2020-06-16T19:44:18.000Z",
"dateReserved": "2020-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T09:33:19.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7525 (GCVE-0-2020-7525)
Vulnerability from cvelistv5 – Published: 2020-08-31 16:12 – Updated: 2024-08-04 09:33
VLAI
Summary
Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an attacker to guess a password when brute force is used.
Severity
No CVSS data available.
CWE
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.se.com/ww/en/download/document/SEVD-2… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | All hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) |
Affected:
All hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-02/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "All hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an attacker to guess a password when brute force is used."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T16:12:54.000Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-02/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2020-7525",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "All hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk)",
"version": {
"version_data": [
{
"version_value": "All hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an attacker to guess a password when brute force is used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-307: Improper Restriction of Excessive Authentication Attempts"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SEVD-2020-224-02/",
"refsource": "MISC",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-02/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2020-7525",
"datePublished": "2020-08-31T16:12:54.000Z",
"dateReserved": "2020-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T09:33:19.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8202 (GCVE-0-2020-8202)
Vulnerability from cvelistv5 – Published: 2020-07-30 12:53 – Updated: 2024-08-04 09:56
VLAI
Summary
Improper check of inputs in Nextcloud Preferred Providers app v1.6.0 allowed to perform a denial of service attack when using a very long password.
Severity
No CVSS data available.
CWE
- CWE-307 - Brute Force (CWE-307)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://nextcloud.com/security/advisory/?id=NC-SA… | x_refsource_MISC |
| https://hackerone.com/reports/840598 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Nextcloud Preferred Providers |
Affected:
1.7.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-028"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/840598"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Nextcloud Preferred Providers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.7.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper check of inputs in Nextcloud Preferred Providers app v1.6.0 allowed to perform a denial of service attack when using a very long password."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "Brute Force (CWE-307)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-30T12:53:02.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-028"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/840598"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2020-8202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Nextcloud Preferred Providers",
"version": {
"version_data": [
{
"version_value": "1.7.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper check of inputs in Nextcloud Preferred Providers app v1.6.0 allowed to perform a denial of service attack when using a very long password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Brute Force (CWE-307)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-028",
"refsource": "MISC",
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-028"
},
{
"name": "https://hackerone.com/reports/840598",
"refsource": "MISC",
"url": "https://hackerone.com/reports/840598"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8202",
"datePublished": "2020-07-30T12:53:02.000Z",
"dateReserved": "2020-01-28T00:00:00.000Z",
"dateUpdated": "2024-08-04T09:56:28.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1311 (GCVE-0-2021-1311)
Vulnerability from cvelistv5 – Published: 2021-01-13 21:46 – Updated: 2024-11-12 20:39
VLAI
Title
Cisco Webex Meetings and Cisco Webex Meetings Server Host Key Brute Forcing Vulnerability
Summary
A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting. This vulnerability is due to a lack of protection against brute forcing of the host key. An attacker could exploit this vulnerability by sending crafted requests to a vulnerable Cisco Webex Meetings or Webex Meetings Server site. A successful exploit would require the attacker to have access to join a Webex meeting, including applicable meeting join links and passwords. A successful exploit could allow the attacker to acquire or take over the host role for a meeting.
Severity
5.4 (Medium)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco WebEx Meetings Server |
Affected:
n/a
|
Date Public
2021-01-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.395Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210113 Cisco Webex Meetings and Cisco Webex Meetings Server Host Key Brute Forcing Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-brutef-hostkey-FWRMxVF"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1311",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:52:54.578387Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T20:39:39.193Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco WebEx Meetings Server",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-01-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting. This vulnerability is due to a lack of protection against brute forcing of the host key. An attacker could exploit this vulnerability by sending crafted requests to a vulnerable Cisco Webex Meetings or Webex Meetings Server site. A successful exploit would require the attacker to have access to join a Webex meeting, including applicable meeting join links and passwords. A successful exploit could allow the attacker to acquire or take over the host role for a meeting."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T21:46:00.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210113 Cisco Webex Meetings and Cisco Webex Meetings Server Host Key Brute Forcing Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-brutef-hostkey-FWRMxVF"
}
],
"source": {
"advisory": "cisco-sa-webex-brutef-hostkey-FWRMxVF",
"defect": [
[
"CSCvv72420",
"CSCvv84319"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Webex Meetings and Cisco Webex Meetings Server Host Key Brute Forcing Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-01-13T16:00:00",
"ID": "CVE-2021-1311",
"STATE": "PUBLIC",
"TITLE": "Cisco Webex Meetings and Cisco Webex Meetings Server Host Key Brute Forcing Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco WebEx Meetings Server",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting. This vulnerability is due to a lack of protection against brute forcing of the host key. An attacker could exploit this vulnerability by sending crafted requests to a vulnerable Cisco Webex Meetings or Webex Meetings Server site. A successful exploit would require the attacker to have access to join a Webex meeting, including applicable meeting join links and passwords. A successful exploit could allow the attacker to acquire or take over the host role for a meeting."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.4",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-307"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210113 Cisco Webex Meetings and Cisco Webex Meetings Server Host Key Brute Forcing Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-brutef-hostkey-FWRMxVF"
}
]
},
"source": {
"advisory": "cisco-sa-webex-brutef-hostkey-FWRMxVF",
"defect": [
[
"CSCvv72420",
"CSCvv84319"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1311",
"datePublished": "2021-01-13T21:46:00.187Z",
"dateReserved": "2020-11-13T00:00:00.000Z",
"dateUpdated": "2024-11-12T20:39:39.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22737 (GCVE-0-2021-22737)
Vulnerability from cvelistv5 – Published: 2021-05-26 00:00 – Updated: 2024-08-03 18:51
VLAI
Summary
Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access of when credentials are discovered after a brute force attack.
Severity
No CVSS data available.
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior |
Affected:
homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:51:06.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access of when credentials are discovered after a brute force attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-10T00:00:00.000Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2021-22737",
"datePublished": "2021-05-26T00:00:00.000Z",
"dateReserved": "2021-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-03T18:51:06.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22915 (GCVE-0-2021-22915)
Vulnerability from cvelistv5 – Published: 2021-06-11 15:49 – Updated: 2024-08-03 18:58
VLAI
Summary
Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. This could potentially result in an attacker bypassing rate-limit controls such as the Nextcloud brute-force protection.
Severity
No CVSS data available.
CWE
- CWE-307 - Brute Force (CWE-307)
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://hackerone.com/reports/1154003 | x_refsource_MISC |
| https://nextcloud.com/security/advisory/?id=NC-SA… | x_refsource_MISC |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Nextcloud Server |
Affected:
Fixed in 19.0.11, 20.0.10, 21.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:25.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1154003"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-009"
},
{
"name": "FEDORA-2021-eac0e52f88",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L6BO6P6MP2MOWA6PZRXX32PLWPXN5O4S/"
},
{
"name": "FEDORA-2021-afa7968aeb",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AGXGR6HYGQ6MZXISMJEHCOXRGRFRUFMA/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Nextcloud Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 19.0.11, 20.0.10, 21.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. This could potentially result in an attacker bypassing rate-limit controls such as the Nextcloud brute-force protection."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "Brute Force (CWE-307)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-09T08:08:42.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1154003"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-009"
},
{
"name": "FEDORA-2021-eac0e52f88",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L6BO6P6MP2MOWA6PZRXX32PLWPXN5O4S/"
},
{
"name": "FEDORA-2021-afa7968aeb",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AGXGR6HYGQ6MZXISMJEHCOXRGRFRUFMA/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22915",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Nextcloud Server",
"version": {
"version_data": [
{
"version_value": "Fixed in 19.0.11, 20.0.10, 21.0.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. This could potentially result in an attacker bypassing rate-limit controls such as the Nextcloud brute-force protection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Brute Force (CWE-307)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1154003",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1154003"
},
{
"name": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-009",
"refsource": "MISC",
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-009"
},
{
"name": "FEDORA-2021-eac0e52f88",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6BO6P6MP2MOWA6PZRXX32PLWPXN5O4S/"
},
{
"name": "FEDORA-2021-afa7968aeb",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGXGR6HYGQ6MZXISMJEHCOXRGRFRUFMA/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22915",
"datePublished": "2021-06-11T15:49:38.000Z",
"dateReserved": "2021-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-03T18:58:25.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Description:
- Common protection mechanisms include:
- Disconnecting the user after a small number of failed attempts
- Implementing a timeout
- Locking out a targeted account
- Requiring a computational task on the user's part.
Mitigation ID: MIT-4
Phase: Architecture and Design
Strategy: Libraries or Frameworks
Description:
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid [REF-1482].
- Consider using libraries with authentication capabilities such as OpenSSL or the ESAPI Authenticator. [REF-45]
CAPEC-16: Dictionary-based Password Attack
["An attacker tries each of the words in a dictionary as passwords to gain access to the system via some user's account. If the password chosen by the user was a word within the dictionary, this attack will be successful (in the absence of other mitigations). This is a specific instance of the password brute forcing attack pattern.", "Dictionary Attacks differ from similar attacks such as Password Spraying (CAPEC-565) and Credential Stuffing (CAPEC-600), since they leverage unknown username/password combinations and don't care about inducing account lockouts."]
CAPEC-49: Password Brute Forcing
An adversary tries every possible value for a password until they succeed. A brute force attack, if feasible computationally, will always be successful because it will essentially go through all possible passwords given the alphabet used (lower case letters, upper case letters, numbers, symbols, etc.) and the maximum length of the password.
CAPEC-560: Use of Known Domain Credentials
An adversary guesses or obtains (i.e. steals or purchases) legitimate credentials (e.g. userID/password) to achieve authentication and to perform authorized actions under the guise of an authenticated user or service.
CAPEC-565: Password Spraying
In a Password Spraying attack, an adversary tries a small list (e.g. 3-5) of common or expected passwords, often matching the target's complexity policy, against a known list of user accounts to gain valid credentials. The adversary tries a particular password for each user account, before moving onto the next password in the list. This approach assists the adversary in remaining undetected by avoiding rapid or frequent account lockouts. The adversary may then reattempt the process with additional passwords, once enough time has passed to prevent inducing a lockout.
CAPEC-600: Credential Stuffing
An adversary tries known username/password combinations against different systems, applications, or services to gain additional authenticated access. Credential Stuffing attacks rely upon the fact that many users leverage the same username/password combination for multiple systems, applications, and services.
CAPEC-652: Use of Known Kerberos Credentials
An adversary obtains (i.e. steals or purchases) legitimate Kerberos credentials (e.g. Kerberos service account userID/password or Kerberos Tickets) with the goal of achieving authenticated access to additional systems, applications, or services within the domain.
CAPEC-653: Use of Known Operating System Credentials
An adversary guesses or obtains (i.e. steals or purchases) legitimate operating system credentials (e.g. userID/password) to achieve authentication and to perform authorized actions on the system, under the guise of an authenticated user or service. This applies to any Operating System.