Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-15 | CVE-2018-21246 | Improper Authentication vulnerability in Caddyserver Caddy Caddy before 0.10.13 mishandles TLS client authentication, as demonstrated by an authentication bypass caused by the lack of the StrictHostMatching mode. | 9.8 |
| 2020-06-15 | CVE-2020-9076 | Improper Authentication vulnerability in Huawei P30 Firmware, P30 PRO Firmware and Tony-Al00B Firmware HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. | 6.8 |
| 2020-06-15 | CVE-2020-4494 | Improper Authentication vulnerability in IBM products IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow an attacker to bypass authentication due to improper session validation which can result in access to unauthorized resources. | 7.5 |
| 2020-06-08 | CVE-2020-9099 | Improper Authentication vulnerability in Huawei products Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6300; Secospace USG6500; Secospace USG6600; USG9500 with versions of V500R001C00; V500R001C20; V500R001C30; V500R001C50; V500R001C60; V500R001C80; V500R005C00; V500R005C10; V500R005C20; V500R002C00; V500R002C10; V500R002C20; V500R002C30 have an improper authentication vulnerability. | 9.8 |
| 2020-06-05 | CVE-2020-12848 | Improper Authentication vulnerability in Pydio Cells 2.0.4 In Pydio Cells 2.0.4, once an authenticated user shares a file selecting the create a public link option, a hidden shared user account is created in the backend with a random username. | 5.4 |
| 2020-06-04 | CVE-2019-20833 | Improper Authentication vulnerability in Foxitsoftware Phantompdf An issue was discovered in Foxit PhantomPDF before 8.3.10. | 7.5 |
| 2020-06-04 | CVE-2018-21235 | Improper Authentication vulnerability in Foxitsoftware E-Mail Advertising System An issue was discovered in Foxit E-mail advertising system before September 2018. | 7.5 |
| 2020-06-03 | CVE-2020-3216 | Improper Authentication vulnerability in Cisco IOS XE Sd-Wan A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. | 6.8 |
| 2020-05-29 | CVE-2020-1833 | Improper Authentication vulnerability in Huawei Honor 9X Firmware Honor 9X smartphones with versions earlier than 9.1.1.172(C00E170R8P1) have an improper authentication vulnerability. | 2.4 |
| 2020-05-29 | CVE-2020-1798 | Improper Authentication vulnerability in Huawei P30 Firmware HUAWEI P30 smartphones with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. | 4.6 |