Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-07 | CVE-2018-15485 | Improper Authentication vulnerability in Kone Group Controller Firmware An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. | 9.1 |
| 2018-09-06 | CVE-2018-16590 | Improper Authentication vulnerability in Furuno Felcom 250 Firmware and Felcom 500 Firmware FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication. | 9.8 |
| 2018-09-06 | CVE-2017-14026 | Improper Authentication vulnerability in Iceqube Thermal Management Center Firmware 3.18 In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information. | 7.5 |
| 2018-08-30 | CVE-2018-15479 | Improper Authentication vulnerability in Mystrom products An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. | 6.5 |
| 2018-08-30 | CVE-2018-15478 | Improper Authentication vulnerability in Mystrom products An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. | 8.1 |
| 2018-08-30 | CVE-2018-13821 | Improper Authentication vulnerability in CA Unified Infrastructure Management 8.4.7/8.5/8.5.1 A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing. | 9.8 |
| 2018-08-29 | CVE-2018-7791 | Improper Authentication vulnerability in Schneider-Electric Modicon M221 Firmware 1.1.1.5 A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). | 9.8 |
| 2018-08-29 | CVE-2018-14805 | Improper Authentication vulnerability in Hitachienergy Esoms 6.0.2 ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. | 9.8 |
| 2018-08-29 | CVE-2018-15727 | Improper Authentication vulnerability in multiple products Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user. | 9.8 |
| 2018-08-24 | CVE-2017-9820 | Improper Authentication vulnerability in Npci Bharat Interface for Money (Bhim) 1.3 The National Payments Corporation of India BHIM application 1.3 for Android uses a custom keypad for which the input element is available to the Accessibility service, which makes it easier for attackers to bypass authentication. | 9.8 |