Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-16 | CVE-2018-18389 | Improper Authentication vulnerability in Neo4J Due to incorrect access control in Neo4j Enterprise Database Server 3.4.x before 3.4.9, the setting of LDAP for authentication with STARTTLS, and System Account for authorization, allows an attacker to log into the server by sending any valid username with an arbitrary password. | 9.8 |
| 2018-10-15 | CVE-2018-17534 | Improper Authentication vulnerability in Teltonika Rut900 Firmware, Rut950 Firmware and Rut955 Firmware Teltonika RUT9XX routers with firmware before 00.04.233 provide a root terminal on a serial interface without proper access control. | 6.8 |
| 2018-10-11 | CVE-2018-1738 | Improper Authentication vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0 could allow an authenticated user to obtain highly sensitive information or jeopardize system integrity due to improper authentication mechanisms. | 7.1 |
| 2018-10-10 | CVE-2018-18061 | Improper Authentication vulnerability in Tecrail Responsive Filemanager 9.8.1 An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. | 7.5 |
| 2018-10-10 | CVE-2018-16738 | Improper Authentication vulnerability in multiple products tinc 1.0.30 through 1.0.34 has a broken authentication protocol, although there is a partial mitigation. | 3.7 |
| 2018-10-10 | CVE-2018-16737 | Improper Authentication vulnerability in multiple products tinc before 1.0.30 has a broken authentication protocol, without even a partial mitigation. | 5.3 |
| 2018-10-10 | CVE-2018-12455 | Improper Authentication vulnerability in Intelbras Nplug Firmware 1.0.0.14 Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie. | 8.1 |
| 2018-10-10 | CVE-2018-0053 | Improper Authentication vulnerability in Juniper Junos 15.1X49 An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the system is initially booted up. | 6.8 |
| 2018-10-10 | CVE-2018-0052 | Improper Authentication vulnerability in Juniper Junos If RSH service is enabled on Junos OS and if the PAM authentication is disabled, a remote unauthenticated attacker can obtain root access to the device. | 8.1 |
| 2018-10-10 | CVE-2018-0044 | Improper Authentication vulnerability in Juniper Junos 18.1R2 An insecure SSHD configuration in Juniper Device Manager (JDM) and host OS on Juniper NFX Series devices may allow remote unauthenticated access if any of the passwords on the system are empty. | 8.1 |