Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-14 | CVE-2020-12874 | Improper Authentication vulnerability in Veritas Aptare Veritas APTARE versions prior to 10.4 included code that bypassed the normal login process when specific authentication credentials were provided to the server. | 9.8 |
| 2020-05-13 | CVE-2020-2018 | Improper Authentication vulnerability in Paloaltonetworks Pan-Os An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed firewalls. | 9.0 |
| 2020-05-12 | CVE-2020-1718 | Improper Authentication vulnerability in Redhat Keycloak A flaw was found in the reset credential flow in all Keycloak versions before 8.0.0. | 8.8 |
| 2020-05-07 | CVE-2020-10916 | Improper Authentication vulnerability in Tp-Link Tl-Wa855Re Firmware 190408/191213 This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P1[20191213-rel60361] Wi-Fi extenders. | 8.0 |
| 2020-05-06 | CVE-2020-3125 | Improper Authentication vulnerability in Cisco products A vulnerability in the Kerberos authentication feature of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to impersonate the Kerberos key distribution center (KDC) and bypass authentication on an affected device that is configured to perform Kerberos authentication for VPN or local device access. | 9.8 |
| 2020-05-02 | CVE-2020-5727 | Improper Authentication vulnerability in Simplisafe SS3 Firmware 1.0/1.3 Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.4 allows a local, unauthenticated attacker to pair a rogue keypad to an armed system. | 4.6 |
| 2020-04-29 | CVE-2020-11020 | Improper Authentication vulnerability in Faye Project Faye Faye (NPM, RubyGem) versions greater than 0.5.0 and before 1.0.4, 1.1.3 and 1.2.5, has the potential for authentication bypass in the extension system. | 9.8 |
| 2020-04-28 | CVE-2016-11057 | Improper Authentication vulnerability in Netgear products Certain NETGEAR devices are affected by mishandling of repeated URL calls. | 7.5 |
| 2020-04-28 | CVE-2017-18862 | Improper Authentication vulnerability in Netgear products Certain NETGEAR devices are affected by authentication bypass. | 6.5 |
| 2020-04-28 | CVE-2020-5567 | Improper Authentication vulnerability in Cybozu Garoon Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in Application Menu. | 7.5 |