Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-25 | CVE-2019-18374 | Improper Authentication vulnerability in Broadcom Symantec Critical System Protection 8.0.0 Symantec Critical System Protection (CSP), versions 8.0, 8.0 HF1 & 8.0 MP1, may be susceptible to an authentication bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing authentication controls. | 9.8 |
| 2019-11-22 | CVE-2019-16286 | Improper Authentication vulnerability in HP Thinpro Linux An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands. | 6.8 |
| 2019-11-22 | CVE-2019-3654 | Improper Authentication vulnerability in Mcafee Client Proxy Authentication Bypass vulnerability in the Microsoft Windows client in McAfee Client Proxy (MCP) prior to 3.0.0 allows local user to bypass scanning of web traffic and gain access to blocked sites for a short period of time via generating an authorization key on the client which should only be generated by the network administrator. | 8.6 |
| 2019-11-21 | CVE-2014-2904 | Improper Authentication vulnerability in Wolfssl wolfssl before 3.2.0 has a server certificate that is not properly authorized for server authentication. | 7.5 |
| 2019-11-21 | CVE-2019-19006 | Improper Authentication vulnerability in Sangoma Freepbx Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control. | 9.8 |
| 2019-11-14 | CVE-2019-15803 | Improper Authentication vulnerability in Zyxel products An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. | 9.1 |
| 2019-11-14 | CVE-2013-3072 | Improper Authentication vulnerability in Netgear Wndr4700 Firmware 1.0.0.34 An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http://<router_ip>/apply.cgi?/hdd_usr_setup.htm that when visited by any user, authenticated or not, causes the router to no longer require a password to access the web administration portal. | 9.8 |
| 2019-11-14 | CVE-2019-11170 | Improper Authentication vulnerability in Intel Baseboard Management Controller Firmware 2.09 Authentication bypass in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via local access. | 7.8 |
| 2019-11-13 | CVE-2013-3367 | Improper Authentication vulnerability in Trendnet Tew-691Gr Firmware and Tew-692Gr Firmware Undocumented TELNET service in TRENDnet TEW-691GR and TEW-692GR when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3. | 9.8 |
| 2019-11-13 | CVE-2019-5233 | Improper Authentication vulnerability in Huawei Taurus-Al00B Firmware 10.0.0.41(Sp2C00E41R3P2) Huawei smartphones with versions earlier than Taurus-AL00B 10.0.0.41(SP2C00E41R3P2) have an improper authentication vulnerability. | 8.8 |