Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-10 | CVE-2018-0052 | Improper Authentication vulnerability in Juniper Junos If RSH service is enabled on Junos OS and if the PAM authentication is disabled, a remote unauthenticated attacker can obtain root access to the device. | 8.1 |
| 2018-10-10 | CVE-2018-0044 | Improper Authentication vulnerability in Juniper Junos 18.1R2 An insecure SSHD configuration in Juniper Device Manager (JDM) and host OS on Juniper NFX Series devices may allow remote unauthenticated access if any of the passwords on the system are empty. | 8.1 |
| 2018-10-09 | CVE-2018-15543 | Improper Authentication vulnerability in Telegram 4.8.11 An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. | 6.8 |
| 2018-10-09 | CVE-2018-15542 | Improper Authentication vulnerability in Telegram 4.8.11 An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. | 6.4 |
| 2018-10-09 | CVE-2018-14080 | Improper Authentication vulnerability in D-Link products An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone through 1.09 devices. | 7.5 |
| 2018-10-07 | CVE-2012-6710 | Improper Authentication vulnerability in Extplorer ext_find_user in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password[]= (aka an empty array) in an action=login request to index.php. | 9.8 |
| 2018-10-05 | CVE-2018-15371 | Improper Authentication vulnerability in Cisco IOS XE 16.3(1) A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. | 6.7 |
| 2018-10-05 | CVE-2018-0435 | Improper Authentication vulnerability in Cisco Umbrella A vulnerability in the Cisco Umbrella API could allow an authenticated, remote attacker to view and modify data across their organization and other organizations. | 9.1 |
| 2018-10-05 | CVE-2013-7465 | Improper Authentication vulnerability in Icecoldapps Servers Ultimate 6.0.2 Ice Cold Apps Servers Ultimate 6.0.2(12) does not require authentication for TELNET, SSH, or FTP, which allows remote attackers to execute arbitrary code by uploading PHP scripts. | 9.8 |
| 2018-10-04 | CVE-2018-0505 | Improper Authentication vulnerability in multiple products Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock | 6.5 |