Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-08 | CVE-2023-43742 | Improper Authentication vulnerability in Zultys products An authentication bypass in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an unauthenticated attacker to obtain an administrative session via a protection mechanism failure in the authentication function. | 9.8 |
| 2023-12-06 | CVE-2023-36655 | Improper Authentication vulnerability in Prolion Cryptospike 3.0.15 The login REST API in ProLion CryptoSpike 3.0.15P2 (when LDAP or Active Directory is used as the users store) allows a remote blocked user to login and obtain an authentication token by specifying a username with different uppercase/lowercase character combination. | 9.8 |
| 2023-12-06 | CVE-2023-6514 | Improper Authentication vulnerability in Huawei Ajmd-370S Firmware 103.1.0.110(Sp12C00E2R1P2) The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. | 8.8 |
| 2023-12-05 | CVE-2023-5970 | Improper Authentication vulnerability in Sonicwall products Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass. | 8.8 |
| 2023-12-05 | CVE-2023-47304 | Improper Authentication vulnerability in Vonage Vdv23 Firmware Vdv213.2.110.5.1 An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device. | 7.8 |
| 2023-12-05 | CVE-2023-33054 | Improper Authentication vulnerability in Qualcomm products Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. | 9.1 |
| 2023-12-05 | CVE-2023-33070 | Improper Authentication vulnerability in Qualcomm products Transient DOS in Automotive OS due to improper authentication to the secure IO calls. | 5.5 |
| 2023-12-05 | CVE-2023-42576 | Improper Authentication vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid exception handler. | 6.8 |
| 2023-12-05 | CVE-2023-5808 | Improper Authentication vulnerability in Hitachi Vantara Hitachi Network Attached Storage 14.6.7520.04/14.8.7825.01 SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. | 6.5 |
| 2023-12-04 | CVE-2023-44302 | Improper Authentication vulnerability in Dell Powerprotect Data Manager Dm5500 Firmware Dell DM5500 5.14.0.0 and prior contain an improper authentication vulnerability. | 9.8 |