Vulnerabilities > Authentication Bypass by Spoofing

DATE CVE VULNERABILITY TITLE RISK
2017-11-01 CVE-2017-14375 Authentication Bypass by Spoofing vulnerability in multiple products
EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier) contain an authentication bypass vulnerability that may potentially be exploited by malicious users to compromise the affected system.
network
low complexity
emc dell CWE-290
critical
9.8
2017-07-28 CVE-2017-11717 Authentication Bypass by Spoofing vulnerability in Metinfo Project Metinfo
MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier for remote attackers to bypass intended challenge requirements by modifying the client-server data stream, as demonstrated by the login/findpass page.
network
low complexity
metinfo-project CWE-290
7.5
2017-05-17 CVE-2017-8422 Authentication Bypass by Spoofing vulnerability in KDE Kauth
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.
local
low complexity
kde CWE-290
7.8
2017-03-02 CVE-2017-6405 Authentication Bypass by Spoofing vulnerability in Veritas Netbackup and Netbackup Appliance
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier.
network
low complexity
veritas CWE-290
7.5
2009-08-14 CVE-2009-1048 Authentication Bypass by Spoofing vulnerability in Snom products
The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with firmware 6.5 before 6.5.20, 7.1 before 7.1.39, and 7.3 before 7.3.14 allows remote attackers to bypass authentication, and reconfigure the phone or make arbitrary use of the phone, via a (1) http or (2) https request with 127.0.0.1 in the Host header.
network
low complexity
snom CWE-290
critical
9.8