Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-31 | CVE-2018-17928 | Improper Authentication vulnerability in ABB Cms-770 Firmware 1.7.1 The product CMS-770 (Software Versions 1.7.1 and prior)is vulnerable that an attacker can read sensitive configuration files by bypassing the user authentication mechanism. | 6.5 |
| 2019-01-31 | CVE-2018-17926 | Improper Authentication vulnerability in ABB Eth-Fw Firmware and FW Firmware The product M2M ETHERNET (FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior) is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism. | 4.3 |
| 2019-01-30 | CVE-2018-17431 | Improper Authentication vulnerability in Comodo Unified Threat Management Firewall 1.5.0 Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL. | 9.8 |
| 2019-01-29 | CVE-2018-1668 | Improper Authentication vulnerability in IBM Datapower Gateway IBM DataPower Gateway 7.5.0.0 through 7.5.0.19, 7.5.1.0 through 7.5.1.18, 7.5.2.0 through 7.5.2.18, and 7.6.0.0 through 7.6.0.11 appliances allows "null" logins which could give read access to IPMI data to obtain sensitive information. | 7.5 |
| 2019-01-25 | CVE-2018-19023 | Improper Authentication vulnerability in Hetronic products Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. | 8.8 |
| 2019-01-23 | CVE-2019-3584 | Improper Authentication vulnerability in Mcafee Mvision Endpoint Exploitation of Authentication vulnerability in MVision Endpoint in McAfee MVision Endpoint Prior to 1811 Update 1 (18.11.31.62) allows authenticated administrator users --> administrators to Remove MVision Endpoint via unspecified vectors. | 6.0 |
| 2019-01-17 | CVE-2018-20735 | Improper Authentication vulnerability in BMC Patrol Agent An issue was discovered in BMC PATROL Agent through 11.3.01. | 7.8 |
| 2019-01-16 | CVE-2018-18814 | Improper Authentication vulnerability in Tibco products The TIBCO Spotfire authentication component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains a vulnerability in the handling of the authentication that theoretically may allow an attacker to gain full access to a target account, independent of configured authentication mechanisms. | 9.8 |
| 2019-01-14 | CVE-2018-16886 | Improper Authentication vulnerability in multiple products etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. | 8.1 |
| 2019-01-11 | CVE-2017-13889 | Improper Authentication vulnerability in Apple mac OS X 10.13.0/10.13.1/10.13.2 In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a logic error existed in the validation of credentials. | 9.8 |