Vulnerabilities > Improper Authentication
|2021-07-14||CVE-2021-33766|| Improper Authentication vulnerability in Microsoft Exchange Server 2013/2016/2019 |
Microsoft Exchange Information Disclosure Vulnerability
| 5.0 |
|2021-07-13||CVE-2021-21994|| Improper Authentication vulnerability in VMWare Cloud Foundation and Esxi |
SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability.
| 6.8 |
|2021-07-12||CVE-2020-19037|| Improper Authentication vulnerability in Halo 0.4.3 |
Incorrect Access Control vulnearbility in Halo 0.4.3, which allows a malicious user to bypass encrption to view encrpted articles via cookies.
| 5.0 |
|2021-07-12||CVE-2021-30640|| Improper Authentication vulnerability in multiple products |
A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm.
| 6.4 |
|2021-07-12||CVE-2021-3547|| Improper Authentication vulnerability in Openvpn 3.6/3.6.1 |
OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client configuration.
| 5.8 |
|2021-07-08||CVE-2021-29151|| Improper Authentication vulnerability in Arubanetworks Clearpass Policy Manager |
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9.
| 4.0 |
|2021-07-08||CVE-2021-25430|| Improper Authentication vulnerability in Google Android |
Improper access control vulnerability in Bluetooth application prior to SMR July-2021 Release 1 allows untrusted application to access the Bluetooth information in Bluetooth application.
| 3.3 |
|2021-07-08||CVE-2021-25442|| Improper Authentication vulnerability in Samsung Knox Cloud Services |
Improper MDM policy management vulnerability in KME module prior to KCS version 1.39 allows MDM users to bypass Knox Manage authentication.
| 5.0 |
|2021-07-07||CVE-2021-20776|| Improper Authentication vulnerability in A-Stage-Inc At-40Cm01Sr Firmware and Sct-40Cm01Sr Firmware |
Improper authentication vulnerability in SCT-40CM01SR and AT-40CM01SR allows an attacker to bypass access restriction and execute an arbitrary command via telnet.
| 7.5 |
|2021-07-06||CVE-2021-22228|| Improper Authentication vulnerability in Gitlab |
An issue has been discovered in GitLab affecting all versions.
| 4.0 |