Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2024-20816 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness. | 6.5 |
| 2024-02-02 | CVE-2023-50934 | Improper Authentication vulnerability in IBM Powersc 1.3/2.0/2.1 IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme. | 5.3 |
| 2024-02-01 | CVE-2023-47256 | Improper Authentication vulnerability in Connectwise Automate and Screenconnect ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings | 5.5 |
| 2024-02-01 | CVE-2024-1039 | Improper Authentication vulnerability in Gesslergmbh Web-Master Firmware 7.9 Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device. | 9.8 |
| 2024-01-31 | CVE-2024-23637 | Improper Authentication vulnerability in Octoprint OctoPrint is a web interface for 3D printer.s OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to change the password of other admin accounts, including their own, without having to repeat their password. | 4.9 |
| 2024-01-30 | CVE-2023-51982 | Improper Authentication vulnerability in Cratedb 5.5.1 CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. | 9.8 |
| 2024-01-29 | CVE-2024-23792 | Improper Authentication vulnerability in Otrs When adding attachments to ticket comments, another user can add attachments as well impersonating the orginal user. | 6.5 |
| 2024-01-26 | CVE-2024-23629 | Improper Authentication vulnerability in Motorola Mr2600 Firmware An authentication bypass vulnerability exists in the web component of the Motorola MR2600. | 7.5 |
| 2024-01-25 | CVE-2024-0822 | Improper Authentication vulnerability in Ovirt Ovirt-Engine An authentication bypass vulnerability was found in overt-engine. | 7.5 |
| 2024-01-23 | CVE-2023-50275 | Improper Authentication vulnerability in HP Oneview HPE OneView may allow clusterService Authentication Bypass resulting in denial of service. | 7.5 |