Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-18 | CVE-2018-11787 | Improper Authentication vulnerability in Apache Karaf In Apache Karaf version prior to 3.0.9, 4.0.9, 4.1.1, when the webconsole feature is installed in Karaf, it is available at .../system/console and requires authentication to access it. | 8.1 |
| 2018-09-17 | CVE-2017-2872 | Improper Authentication vulnerability in Foscam C1 Firmware 2.52.2.43 Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 7.2 |
| 2018-09-14 | CVE-2018-16286 | Improper Authentication vulnerability in LG Supersign CMS LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits. | 9.8 |
| 2018-09-12 | CVE-2018-7572 | Improper Authentication vulnerability in Pulsesecure Pulse Secure Desktop Pulse Secure Client 9.0R1 and 5.3RX before 5.3R5, when configured to authenticate VPN users during Windows Logon, can allow attackers to bypass Windows authentication and execute commands on the system with the privileges of Pulse Secure Client. | 6.8 |
| 2018-09-12 | CVE-2018-1773 | Improper Authentication vulnerability in IBM Datacap 9.1.1/9.1.3/9.1.4 IBM Datacap Fastdoc Capture 9.1.1, 9.1.3, and 9.1.4 could allow an authenticated user to bypass future authentication mechanisms once the initial login is completed. | 4.3 |
| 2018-09-12 | CVE-2018-16947 | Improper Authentication vulnerability in multiple products An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. | 9.8 |
| 2018-09-07 | CVE-2018-15485 | Improper Authentication vulnerability in Kone Group Controller Firmware An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. | 9.1 |
| 2018-09-06 | CVE-2018-16590 | Improper Authentication vulnerability in Furuno Felcom 250 Firmware and Felcom 500 Firmware FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication. | 9.8 |
| 2018-09-06 | CVE-2017-14026 | Improper Authentication vulnerability in Iceqube Thermal Management Center Firmware 3.18 In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information. | 7.5 |
| 2018-08-30 | CVE-2018-15479 | Improper Authentication vulnerability in Mystrom products An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. | 6.5 |