Title: iFOBS Multiple Script Login Functionality Brute Force Weakness
May 29, 2012
May 04, 2012
Sep 14, 2012
iFOBS contains a flaw related to the /ifobsClient/loginlite.jsp and /ifobsClient/loginsecurity.jsp script. The login functionality fails to implement CAPTCHA or a similar anti-automation tool. This may allow an attacker to more easily conduct brute force attacks against a user's account.
Remote / Network Access
Loss of Integrity
OSVDB is not aware of a solution for this vulnerability.