Описание
The account lockout capability in Oblix NetPoint 5.2 and earlier only locks out users once for the specified lockout period, which makes it easier for remote attackers to conduct brute force password guessing by waiting until the lockout period ends, then guessing passwords without being locked out again.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- ExploitPatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:oblix:netpoint:5.2:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01679
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The account lockout capability in Oblix NetPoint 5.2 and earlier only locks out users once for the specified lockout period, which makes it easier for remote attackers to conduct brute force password guessing by waiting until the lockout period ends, then guessing passwords without being locked out again.
EPSS
Процентиль: 82%
0.01679
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other