Critical severity9.8NVD Advisory· Published Dec 31, 1999· Updated Apr 16, 2026

CVE-1999-1324

Description

VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit threshold for failed login attempts, which makes it easier for attackers to conduct brute force password guessing.

Affected products

HP/Openvms Vax
cpe:2.3:o:hp:openvms_vax:*:*:*:*:*:*:*:*
Range: >=5.3,<=5.5.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ciac.llnl.gov/ciac/bulletins/d-06.shtmlnvdBroken LinkPatchThird Party AdvisoryUS Government ResourceVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/7225nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000