Vulnerabilities > Authentication Bypass by Spoofing
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-02 | CVE-2020-10136 | Authentication Bypass by Spoofing vulnerability in multiple products IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing. | 5.3 |
| 2020-05-19 | CVE-2020-10135 | Authentication Bypass by Spoofing vulnerability in multiple products Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. | 5.4 |
| 2020-05-13 | CVE-2020-2002 | Authentication Bypass by Spoofing vulnerability in Paloaltonetworks Pan-Os An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. | 8.1 |
| 2020-05-06 | CVE-2020-4421 | Authentication Bypass by Spoofing vulnerability in IBM Websphere Application Server IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4 could allow an authenticated user using openidconnect to spoof another users identify. | 5.4 |
| 2020-04-30 | CVE-2020-11015 | Authentication Bypass by Spoofing vulnerability in Thinx-Device-Api Project Thinx-Device-Api A vulnerability has been disclosed in thinx-device-api IoT Device Management Server before version 2.5.0. | 9.1 |
| 2020-04-27 | CVE-2020-12272 | Authentication Bypass by Spoofing vulnerability in multiple products OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. | 5.3 |
| 2020-04-27 | CVE-2019-20790 | Authentication Bypass by Spoofing vulnerability in multiple products OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field. | 9.8 |
| 2020-04-08 | CVE-2020-4290 | Authentication Bypass by Spoofing vulnerability in IBM Security Information Queue IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow any authenticated user to spoof the configuration owner of any other user which disclose sensitive information or allow for unauthorized access. | 5.4 |
| 2020-03-25 | CVE-2020-6810 | Authentication Bypass by Spoofing vulnerability in Mozilla Firefox After a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. | 4.3 |
| 2020-03-25 | CVE-2020-6808 | Authentication Bypass by Spoofing vulnerability in Mozilla Firefox When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. | 6.5 |