CVE-2024-11126

LOW Year: 2024
CVSS v3 Score
3.1
Low
CVSS v2 Score
1.8
Low
Weakness Type
CWE-307
View all →

Vulnerability Description

A vulnerability was found in Digistar AG-30 Plus 2.6b. It has been classified as problematic. Affected is an unknown function of the component Login Page. The manipulation leads to improper restriction of excessive authentication attempts. The complexity of an attack is rather high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2023-3669

LOW
CVSS:3.3(Low)

A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.

CWE-3072023

CVE-2025-1629

MEDIUM
CVSS:3.5(Low)

A vulnerability was found in Excitel Broadband Private my Excitel App 3.13.0 on Android. It has been classified as problematic. Affected is an unknown function of the component One-Time Password Handl...

CWE-3072025

CVE-2019-17240

LOW
CVSS:3.7(Low)

bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.

CWE-3072019

CVE-2020-29042

LOW
CVSS:3.7(Low)

An issue was discovered in BigBlueButton through 2.2.29. A brute-force attack may occur because an unlimited number of codes can be entered for a meeting that is protected by an access code.

CWE-3072020

CVE-2021-29842

LOW
CVSS:3.7(Low)

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login...

CWE-3072021

CVE-2022-2822

LOW
CVSS:3.7(Low)

An attacker can freely brute force username and password and can takeover any account. An attacker could easily guess user passwords and gain access to user and administrative accounts.

CWE-3072022