CVE-1999-1324 - CVE Details

Description

VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit threshold for failed login attempts, which makes it easier for attackers to conduct brute force password guessing.

Severity

Overall Severity: CRITICAL

CVSS Metrics

Type	Score	Severity	Vector
CVSS v3.1	9.8	CRITICAL	`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`

Affected Products

hp - openvms_vax

Affected Versions:

References

http://ciac.llnl.gov/ciac/bulletins/d-06.shtml
Broken LinkPatchThird Party AdvisoryUS Government ResourceVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7225
Third Party AdvisoryVDB Entry
http://ciac.llnl.gov/ciac/bulletins/d-06.shtml
Broken LinkPatchThird Party AdvisoryUS Government ResourceVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7225
Third Party AdvisoryVDB Entry