Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-28 | CVE-2020-16088 | Improper Authentication vulnerability in Openbsd iked in OpenIKED, as used in OpenBSD through 6.7, allows authentication bypass because ca.c has the wrong logic for checking whether a public key matches. | 9.8 |
| 2020-07-27 | CVE-2020-9077 | Improper Authentication vulnerability in Huawei P30 Firmware HUAWEI P30 smart phones with versions earlier than 10.1.0.160(C00E160R2P11) have an information exposure vulnerability. | 3.3 |
| 2020-07-24 | CVE-2020-8207 | Improper Authentication vulnerability in Citrix Workspace 1912/2002 Improper access control in Citrix Workspace app for Windows 1912 CU1 and 2006.1 causes privilege escalation and code execution when the automatic updater service is running. | 8.8 |
| 2020-07-24 | CVE-2020-15921 | Improper Authentication vulnerability in Midasolutions Eframework 2.8.0/2.8.9/2.9.0 Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution. | 9.8 |
| 2020-07-22 | CVE-2020-15896 | Improper Authentication vulnerability in Dlink Dap-1522 Firmware 1.41/1.42 An authentication-bypass issue was discovered on D-Link DAP-1522 devices 1.4x before 1.10b04Beta02. | 7.5 |
| 2020-07-20 | CVE-2020-6871 | Improper Authentication vulnerability in ZTE products The server management software module of ZTE has an authentication issue vulnerability, which allows users to skip the authentication of the server and execute some commands for high-level users. | 9.8 |
| 2020-07-20 | CVE-2020-14485 | Improper Authentication vulnerability in Openclinic GA Project Openclinic GA 5.09.02/5.89.05B OpenClinic GA versions 5.09.02 and 5.89.05b may allow an attacker to bypass client-side access controls or use a crafted request to initiate a session with limited functionality, which may allow execution of admin functions such as SQL queries. | 9.8 |
| 2020-07-17 | CVE-2020-9259 | Improper Authentication vulnerability in Huawei Honor V30 Firmware 10.0.1.135(C00E130R4P1) Huawei Honor V30 smartphones with versions earlier than 10.1.0.212(C00E210R5P1) have an improper authentication vulnerability. | 6.5 |
| 2020-07-16 | CVE-2020-3388 | Improper Authentication vulnerability in Cisco Sd-Wan Firmware A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 7.8 |
| 2020-07-16 | CVE-2020-3197 | Improper Authentication vulnerability in Cisco Meeting Server A vulnerability in the API subsystem of Cisco Meetings App could allow an unauthenticated, remote attacker to retain and reuse the Traversal Using Relay NAT (TURN) server credentials that are configured in an affected system. | 5.3 |