Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-05 | CVE-2023-42576 | Improper Authentication vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid exception handler. | 6.8 |
| 2023-12-05 | CVE-2023-5808 | Improper Authentication vulnerability in Hitachi Vantara Hitachi Network Attached Storage 14.6.7520.04/14.8.7825.01 SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. | 6.5 |
| 2023-12-04 | CVE-2023-44302 | Improper Authentication vulnerability in Dell Powerprotect Data Manager Dm5500 Firmware Dell DM5500 5.14.0.0 and prior contain an improper authentication vulnerability. | 9.8 |
| 2023-11-30 | CVE-2023-6342 | Improper Authentication vulnerability in Tylertech Court Case Management Plus Tyler Technologies Court Case Management Plus allows a remote attacker to authenticate as any user by manipulating at least the 'CmWebSearchPfp/Login.aspx?xyzldk=' and 'payforprint_CM/Redirector.ashx?userid=' parameters. | 9.8 |
| 2023-11-30 | CVE-2023-6343 | Improper Authentication vulnerability in Tylertech Court Case Management Plus Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to enumerate and access sensitive files using the tiffserver/tssp.aspx 'FN' and 'PN' parameters. | 5.3 |
| 2023-11-30 | CVE-2023-6344 | Improper Authentication vulnerability in Tylertech Court Case Management Plus Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to enumerate directories using the tiffserver/te003.aspx or te004.aspx 'ifolder' parameter. | 5.3 |
| 2023-11-30 | CVE-2023-6353 | Improper Authentication vulnerability in Tylertech Court Case Management Plus Tyler Technologies Civil and Criminal Electronic Filing allows an unauthenticated, remote attacker to upload, delete, and view files by manipulating the Upload.aspx 'enky' parameter. | 9.4 |
| 2023-11-30 | CVE-2023-6354 | Improper Authentication vulnerability in Tylertech Court Case Management Plus Tyler Technologies Magistrate Court Case Management Plus allows an unauthenticated, remote attacker to upload, delete, and view files by manipulating the PDFViewer.aspx 'filename' parameter. | 9.4 |
| 2023-11-30 | CVE-2023-34388 | Improper Authentication vulnerability in Selinc Sel-451 Firmware An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote unauthenticated attacker to potentially perform session hijacking attack and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more details. | 9.8 |
| 2023-11-28 | CVE-2023-29062 | Improper Authentication vulnerability in BD Facschorus The Operating System hosting the FACSChorus application is configured to allow transmission of hashed user credentials upon user action without adequately validating the identity of the requested resource. | 3.8 |