Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-19 | CVE-2020-10669 | Improper Authentication vulnerability in Canon OCE Colorwave 500 Firmware 4.0.0.0 The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page /home.jsp. | 7.5 |
| 2020-03-19 | CVE-2020-4205 | Improper Authentication vulnerability in IBM Datapower Gateway IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.8 could allow an authenticated user to bypass security restrictions, and continue to access the server even after authentication certificates have been revolked. | 6.3 |
| 2020-03-16 | CVE-2020-6988 | Improper Authentication vulnerability in Rockwellautomation products Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim’s MicroLogix controller. | 7.5 |
| 2020-03-16 | CVE-2018-13060 | Improper Authentication vulnerability in Easyappointments Easy!Appointments Easy!Appointments 1.3.0 has a Guessable CAPTCHA issue. | 6.5 |
| 2020-03-15 | CVE-2020-10594 | Improper Authentication vulnerability in Styria Django-Rest-Framework-Json web Tokens 1.15.0 An issue was discovered in drf-jwt 1.15.x before 1.15.1. | 9.1 |
| 2020-03-12 | CVE-2020-9064 | Improper Authentication vulnerability in Huawei Honor V30 Firmware 10.0.1.135(C00E130R4P1)/10.1.0.212(C00E210R5P1)/Oxfordsan00A10.0.1.167(C00E166R4P1) Huawei smartphone Honor V30 with versions earlier than OxfordS-AN00A 10.0.1.167(C00E166R4P1) have an improper authentication vulnerability. | 5.5 |
| 2020-03-05 | CVE-2020-8994 | Improper Authentication vulnerability in MI Mdz-25-Dt Firmware 1.34.36/1.40.14 An issue was discovered on XIAOMI AI speaker MDZ-25-DT 1.34.36, and 1.40.14. | 6.8 |
| 2020-03-04 | CVE-2020-8664 | Improper Authentication vulnerability in Cncf Envoy 1.13.0 CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. | 5.3 |
| 2020-03-04 | CVE-2020-5536 | Improper Authentication vulnerability in Plathome Openblocks IOT VX2 Firmware OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors. | 8.8 |
| 2020-03-02 | CVE-2018-15819 | Improper Authentication vulnerability in Easyio 30P Firmware 2.0.5.16 EasyIO EasyIO-30P devices before 2.0.5.27 have Incorrect Access Control, related to webuser.js. | 7.5 |