Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2019-12-12 CVE-2019-18314 Improper Authentication vulnerability in Siemens Sppa-T3000 Application Server R8.2
A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).
Risk: network, low complexity, siemens CWE-287, critical, 9.8

2019-12-12 CVE-2019-18312 Improper Authentication vulnerability in Siemens Sppa-T3000 Ms3000 Migration Server
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions).
Risk: network, low complexity, siemens CWE-287, 5.3

2019-12-11 CVE-2013-4593 Improper Authentication vulnerability in Omniauth-Facebook Project Omniauth-Facebook
RubyGem omniauth-facebook has an access token security vulnerability
Risk: network, low complexity, omniauth-facebook-project CWE-287, 7.5

2019-12-10 CVE-2019-14870 Improper Authentication vulnerability in multiple products
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable.
Risk: 5.4

2019-12-10 CVE-2013-2159 Improper Authentication vulnerability in Monkey-Project Monkey 1.2.1
Monkey HTTP Daemon: broken user name authentication
Risk: network, low complexity, monkey-project CWE-287, critical, 9.8

2019-12-09 CVE-2019-18380 Improper Authentication vulnerability in Symantec Industrial Control System Protection 6.0.0
Symantec Industrial Control System Protection (ICSP), versions 6.x.x, may be susceptible to an unauthorized access issue that could potentially allow a threat actor to create or modify application user accounts without proper authentication.
Risk: low complexity, symantec CWE-287, 6.5

2019-12-05 CVE-2019-15897 Improper Authentication vulnerability in Thinkparq Beegfs 7.1.3
beegfs-ctl in ThinkParQ BeeGFS through 7.1.3 allows Authentication Bypass via communication with a BeeGFS metadata server (which is typically not exposed to external networks).
Risk: low complexity, thinkparq CWE-287, critical, 9.6

2019-12-05 CVE-2019-17437 Improper Authentication vulnerability in Paloaltonetworks Pan-Os
An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser.
Risk: local, low complexity, paloaltonetworks CWE-287, 7.8

2019-12-05 CVE-2019-19598 Improper Authentication vulnerability in Dlink Dap-1860 Firmware 1.01B06/1.02B01/1.04B01
D-Link DAP-1860 devices before v1.04b03 Beta allow access to administrator functions without authentication via the HNAP_AUTH header timestamp value.
Risk: low complexity, dlink CWE-287, 8.8

2019-12-05 CVE-2019-19521 Improper Authentication vulnerability in Openbsd 6.6
libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd.
Risk: network, low complexity, openbsd CWE-287, critical, 9.8