Ipdiva · Ipdiva Ssl Vpn Server · CVE-2008-0915
**Name of the Vulnerable Software and Affected Versions**
IPdiva SSL VPN Server versions 2.2 before 2.2.8.84
IPdiva SSL VPN Server versions 2.3 before 2.3.2.14
**Description**
The issue allows remote attackers to conduct brute force attacks by manipulating the cookie's value that stores the number of remaining allowed login attempts.
**Recommendations**
For IPdiva SSL VPN Server versions 2.2 before 2.2.8.84, update to version 2.2.8.84 or later.
For IPdiva SSL VPN Server versions 2.3 before 2.3.2.14, update to version 2.3.2.14 or later.