Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-10 | CVE-2020-8193 | Improper Authentication vulnerability in Citrix products Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints. | 6.5 |
| 2020-07-06 | CVE-2020-1838 | Improper Authentication vulnerability in Huawei Mate 30 PRO Firmware 10.0.0.203(C00E202R7P2)/10.0.0.205(C00E202R7P2) HUAWEI Mate 30 Pro with versions earlier than 10.1.0.150(C00E136R5P3) have is an improper authentication vulnerability. | 5.5 |
| 2020-07-02 | CVE-2020-4074 | Improper Authentication vulnerability in Prestashop In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, the authentication system is malformed and an attacker is able to forge requests and execute admin commands. | 9.8 |
| 2020-07-02 | CVE-2020-3297 | Improper Authentication vulnerability in Cisco products A vulnerability in session management for the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to defeat authentication protections and gain unauthorized access to the management interface. | 9.8 |
| 2020-06-29 | CVE-2020-14070 | Improper Authentication vulnerability in Mk-Auth 19.01 An issue was discovered in MK-AUTH 19.01. | 9.8 |
| 2020-06-29 | CVE-2019-18252 | Improper Authentication vulnerability in Biotronik products BIOTRONIK CardioMessenger II, The affected products allow credential reuse for multiple authentication purposes. | 4.3 |
| 2020-06-29 | CVE-2019-18246 | Improper Authentication vulnerability in Biotronik products BIOTRONIK CardioMessenger II, The affected products do not properly enforce mutual authentication with the BIOTRONIK Remote Communication infrastructure. | 4.3 |
| 2020-06-29 | CVE-2019-20412 | Improper Authentication vulnerability in Atlassian products The Convert Sub-Task to Issue page in affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate the following information via an Improper Authentication vulnerability: Workflow names; Project Key, if it is part of the workflow name; Issue Keys; Issue Types; Status Types. | 5.3 |
| 2020-06-26 | CVE-2020-14477 | Improper Authentication vulnerability in Philips products In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior, Ultrasound EPIQ/Affiniti Versions VM5.0 and prior, Ultrasound Sparq Version 3.0.2 and prior and Ultrasound Xperius all versions, an attacker may use an alternate path or channel that does not require authentication of the alternate service login to view or modify information. | 4.4 |
| 2020-06-24 | CVE-2020-10278 | Improper Authentication vulnerability in multiple products The BIOS onboard MiR's Computer is not protected by password, therefore, it allows a Bad Operator to modify settings such as boot order. | 4.6 |