CWE-645
Overly Restrictive Account Lockout Mechanism
The product contains an account lockout protection mechanism, but the mechanism is too restrictive and can be triggered too easily, which allows attackers to deny service to legitimate users by causing their accounts to be locked out.
Official CWE-645 definition at MITREImpactr finds and proves weaknesses like CWE-645 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist