Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-14 | CVE-2019-20046 | Improper Authentication vulnerability in S3India Husky RTU 6049-E70 Firmware 5.0 The Synergy Systems & Solutions PLC & RTU system has a vulnerability in HUSKY RTU 6049-E70 firmware versions 5.0 and prior. | 9.8 |
| 2020-02-14 | CVE-2020-5532 | Improper Authentication vulnerability in Extrun Ilbo ilbo App (ilbo App for Android prior to version 1.1.8 and ilbo App for iOS prior to version 1.2.01) allows an attacker on the same network segment to bypass authentication and to view the images which were recorded by the other ilbo user's device via unspecified vectors. | 4.3 |
| 2020-02-13 | CVE-2013-6360 | Improper Authentication vulnerability in Trendnet Ts-S402 Firmware 2.00.11 TRENDnet TS-S402 has a backdoor to enable TELNET. | 7.5 |
| 2020-02-13 | CVE-2019-3998 | Improper Authentication vulnerability in Simplisafe SS3 Firmware 1.4 Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.4 allows a local, unauthenticated attacker to modify the Wi-Fi network the base station connects to. | 5.5 |
| 2020-02-13 | CVE-2019-14598 | Improper Authentication vulnerability in multiple products Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access. | 6.7 |
| 2020-02-13 | CVE-2014-4198 | Improper Authentication vulnerability in Bssys RBS Bs-Client. Retail Client 2.4/2.5 A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user access privileged function. | 9.1 |
| 2020-02-13 | CVE-2020-8953 | Improper Authentication vulnerability in Openvpn Access Server 2.8.0 OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication). | 9.8 |
| 2020-02-12 | CVE-2011-4338 | Improper Authentication vulnerability in Shaman Project Shaman 1.0.9 Shaman 1.0.9: Users can add the line askforpwd=false to his shaman.conf file, without entering the root password in shaman. | 7.8 |
| 2020-02-12 | CVE-2020-8595 | Improper Authentication vulnerability in multiple products Istio versions 1.2.10 (End of Life) and prior, 1.3 through 1.3.7, and 1.4 through 1.4.3 allows authentication bypass. | 7.3 |
| 2020-02-11 | CVE-2020-0688 | Improper Authentication vulnerability in Microsoft Exchange Server A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'. | 8.8 |