Vulnerabilities > Improper Authentication

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2019-07-08 | CVE-2019-9629 | Improper Authentication vulnerability in Sonatype Nexus Repository Manager | Sonatype Nexus Repository Manager before 3.17.0 establishes a default administrator user with weak defaults (fixed credentials). | network | low | sonatype | CWE-287 | critical 9.8 |
| 2019-07-05 | CVE-2019-5964 | Improper Authentication vulnerability in Idoors Reader 2.10.17 | iDoors Reader 2.10.17 and earlier allows an attacker on the same network segment to bypass authentication to access the management console and operate the product via unspecified vectors. | | low | idoors | CWE-287 | 8.8 |
| 2019-07-03 | CVE-2019-12845 | Improper Authentication vulnerability in Jetbrains Teamcity | The generated Kotlin DSL settings allowed usage of an unencrypted connection for resolving artifacts. | network | low | jetbrains | CWE-287 | 5.3 |
| 2019-07-03 | CVE-2018-11426 | Improper Authentication vulnerability in Moxa products | A weak Cookie parameter is used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. | network | low | moxa | CWE-287 | critical 9.8 |
| 2019-07-02 | CVE-2017-8405 | Improper Authentication vulnerability in Dlink Dcs-1100 Firmware and Dcs-1130 Firmware | An issue was discovered on D-Link DCS-1130 and DCS-1100 devices. | network | low | dlink | CWE-287 | 7.5 |
| 2019-07-01 | CVE-2019-7666 | Improper Authentication vulnerability in Primasystems Flexair 2.3.38 | Prima Systems FlexAir, Versions 2.3.38 and prior. | network | low | primasystems | CWE-287 | 8.8 |
| 2019-06-28 | CVE-2018-14868 | Improper Authentication vulnerability in Odoo 9.0 | Incorrect access control in the Password Encryption module in Odoo Community 9.0 and Odoo Enterprise 9.0 allows authenticated users to change the password of other users without knowing their current password via a crafted RPC call. | network | low | odoo | CWE-287 | 6.5 |
| 2019-06-27 | CVE-2018-15556 | Improper Authentication vulnerability in Actiontec Web6000Q Firmware 1.1.02.22 | The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers. | network | low | actiontec | CWE-287 | critical 9.8 |
| 2019-06-27 | CVE-2019-7226 | Improper Authentication vulnerability in ABB Pb610 Panel Builder 600 Firmware 1.91/2.8.0.367 | The ABB IDAL HTTP server CGI interface contains a URL that allows an unauthenticated attacker to bypass authentication and gain access to privileged functions. | | low | abb | CWE-287 | 8.8 |
| 2019-06-24 | CVE-2019-10689 | Improper Authentication vulnerability in Polycom products | VVX products using UCS software version 5.9.2 and earlier with Better Together over Ethernet Connector (BToE) application version 3.9.1 and earlier provide insufficient authentication between the BToE application and the BToE component, resulting in leakage of sensitive information. | | low | polycom | CWE-287 | 6.5 |