Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2023-09-27 CVE-2023-41904 Improper Authentication vulnerability in Zohocorp Manageengine Admanager Plus
Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass (for AuthToken generation) in REST APIs.
network
low complexity
zohocorp CWE-287
5.4
2023-09-27 CVE-2023-44152 Improper Authentication vulnerability in Acronis Cyber Protect 15
Sensitive information disclosure and manipulation due to improper authentication.
network
low complexity
acronis CWE-287
critical
9.1
2023-09-20 CVE-2023-31015 Improper Authentication vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in the REST service where a host user may cause as improper authentication issue.
local
low complexity
nvidia CWE-287
7.8
2023-09-19 CVE-2023-4094 Improper Authentication vulnerability in Fujitsu Arconte Aurea 1.5.0.0
ARCONTE Aurea's authentication system, in its 1.5.0.0 version, could allow an attacker to make incorrect access requests in order to block each legitimate account and cause a denial of service.
network
low complexity
fujitsu CWE-287
8.2
2023-09-19 CVE-2023-0773 Improper Authentication vulnerability in Uniview Ipc322Lb-Sf28-A Firmware
The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface.
network
low complexity
uniview CWE-287
critical
9.8
2023-09-15 CVE-2023-0813 Improper Authentication vulnerability in Redhat Network Observability 1.0
A flaw was found in the Network Observability plugin for OpenShift console.
network
low complexity
redhat CWE-287
7.5
2023-09-15 CVE-2023-42442 Improper Authentication vulnerability in Fit2Cloud Jumpserver
JumpServer is an open source bastion host and a professional operation and maintenance security audit system.
network
low complexity
fit2cloud CWE-287
5.3
2023-09-15 CVE-2022-47848 Improper Authentication vulnerability in Bezeq Vtech Iad604-Il Firmware and Vtech Nb403-Il Firmware
An issue was discovered in Bezeq Vtech NB403-IL version BZ_2.02.07.09.13.01 and Vtech IAD604-IL versions BZ_2.02.07.09.13.01, BZ_2.02.07.09.13T, and BZ_2.02.07.09.09T, allows remote attackers to gain sensitive information via rootDesc.xml page of the UPnP service.
network
low complexity
bezeq CWE-287
7.5
2023-09-15 CVE-2023-4985 Improper Authentication vulnerability in Supcon Inplant Scada
A vulnerability classified as critical has been found in Supcon InPlant SCADA up to 20230901.
local
low complexity
supcon CWE-287
7.8
2023-09-14 CVE-2023-4669 Improper Authentication vulnerability in Exagate Sysguard 3001 Firmware
** UNSUPPPORTED WHEN ASSIGNED ** Authentication Bypass by Assumed-Immutable Data vulnerability in Exagate SYSGuard 3001 allows Authentication Bypass.This issue affects SYSGuard 3001: before 3.2.20.0.
network
low complexity
exagate CWE-287
critical
9.8