Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-05 | CVE-2019-6521 | Improper Authentication vulnerability in Advantech Webaccess/Scada 8.3 WebAccess/SCADA, Version 8.3. | 8.6 |
| 2019-02-05 | CVE-2019-6519 | Improper Authentication vulnerability in Advantech Webaccess/Scada 8.3 WebAccess/SCADA, Version 8.3. | 9.8 |
| 2019-02-05 | CVE-2018-18505 | Improper Authentication vulnerability in multiple products An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. | 10.0 |
| 2019-02-05 | CVE-2018-19000 | Improper Authentication vulnerability in Lcds Laquis Scada 4.1/4.1.0.3391/4.1.0.3870 LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data. | 5.3 |
| 2019-01-31 | CVE-2018-17928 | Improper Authentication vulnerability in ABB Cms-770 Firmware 1.7.1 The product CMS-770 (Software Versions 1.7.1 and prior)is vulnerable that an attacker can read sensitive configuration files by bypassing the user authentication mechanism. | 6.5 |
| 2019-01-31 | CVE-2018-17926 | Improper Authentication vulnerability in ABB Eth-Fw Firmware and FW Firmware The product M2M ETHERNET (FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior) is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism. | 4.3 |
| 2019-01-30 | CVE-2018-17431 | Improper Authentication vulnerability in Comodo Unified Threat Management Firewall 1.5.0 Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL. | 9.8 |
| 2019-01-29 | CVE-2018-1668 | Improper Authentication vulnerability in IBM Datapower Gateway IBM DataPower Gateway 7.5.0.0 through 7.5.0.19, 7.5.1.0 through 7.5.1.18, 7.5.2.0 through 7.5.2.18, and 7.6.0.0 through 7.6.0.11 appliances allows "null" logins which could give read access to IPMI data to obtain sensitive information. | 7.5 |
| 2019-01-25 | CVE-2018-19023 | Improper Authentication vulnerability in Hetronic products Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. | 8.8 |
| 2019-01-23 | CVE-2019-3584 | Improper Authentication vulnerability in Mcafee Mvision Endpoint Exploitation of Authentication vulnerability in MVision Endpoint in McAfee MVision Endpoint Prior to 1811 Update 1 (18.11.31.62) allows authenticated administrator users --> administrators to Remove MVision Endpoint via unspecified vectors. | 6.0 |