Description
Brute Force Prevention Bypassed occurs when software lacks adequate measures to counter multiple failed authentication attempts within a short time frame, rendering it vulnerable to brute force attacks.
Recommendation
To mitigate this vulnerability, consider implementing CAPTCHA challenges or enforcing account lockout mechanisms for target user accounts or source IP addresses after multiple failed authentication attempts.
References
Related Issues
- Apache Tomcat Manager Login Found - Vulnerability
- Weak Password - Vulnerability
- Unreferenced Login Page Found - Vulnerability
- WordPress Login Page Found - Vulnerability
- Tags:
- Brute Force
- Authentication
- CAPTCHA
Anything's wrong? Let us know Last updated on May 13, 2024