Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-17 | CVE-2018-20735 | Improper Authentication vulnerability in BMC Patrol Agent An issue was discovered in BMC PATROL Agent through 11.3.01. | 7.8 |
| 2019-01-16 | CVE-2018-18814 | Improper Authentication vulnerability in Tibco products The TIBCO Spotfire authentication component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains a vulnerability in the handling of the authentication that theoretically may allow an attacker to gain full access to a target account, independent of configured authentication mechanisms. | 9.8 |
| 2019-01-14 | CVE-2018-16886 | Improper Authentication vulnerability in multiple products etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. | 8.1 |
| 2019-01-11 | CVE-2017-13889 | Improper Authentication vulnerability in Apple mac OS X 10.13.0/10.13.1/10.13.2 In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a logic error existed in the validation of credentials. | 9.8 |
| 2019-01-10 | CVE-2018-5403 | Improper Authentication vulnerability in Imperva Securesphere 13.0.10/13.1.10/13.2.10 Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface. | 8.1 |
| 2019-01-09 | CVE-2018-0676 | Improper Authentication vulnerability in Panasonic Bn-Sdwbp3 Firmware 1.0.9 BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to bypass authentication to access to the management screen and execute an arbitrary command via unspecified vectors. | 8.8 |
| 2019-01-09 | CVE-2018-0670 | Improper Authentication vulnerability in MNC Inplc-Rt 3.08 INplc-RT 3.08 and earlier allows remote attackers to bypass authentication to execute an arbitrary command through the protocol-compliant traffic. | 9.8 |
| 2019-01-09 | CVE-2018-0669 | Improper Authentication vulnerability in MNC Inplc-Rt 3.08 INplc-RT 3.08 and earlier allows remote attackers to bypass authentication to execute an arbitrary command through the protocol-compliant traffic. | 9.8 |
| 2019-01-09 | CVE-2018-20675 | Improper Authentication vulnerability in Dlink products D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentication bypass. | 9.8 |
| 2019-01-08 | CVE-2019-0622 | Improper Authentication vulnerability in Microsoft Skype 8.35 An elevation of privilege vulnerability exists when Skype for Andriod fails to properly handle specific authentication requests, aka "Skype for Android Elevation of Privilege Vulnerability." This affects Skype 8.35. | 4.6 |