Location Intelligence V4.3 Brute Force Auth Attempts (CVE-2024-41682)
CVE-2024-41682 Published on August 13, 2024
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated remote attacker to conduct brute force attacks against legitimate user passwords.
Weakness Type
Improper Restriction of Excessive Authentication Attempts
The software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute force attacks.
Products Associated with CVE-2024-41682
Want to know whenever a new CVE is published for Siemens Location Intelligence? stack.watch will email you.
Affected Versions
Siemens Location Intelligence family:- Before V4.4 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.