Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-13 | CVE-2018-11770 | Improper Authentication vulnerability in Apache Spark From version 1.3.0 onward, Apache Spark's standalone master exposes a REST API for job submission, in addition to the submission mechanism used by spark-submit. | 4.2 |
| 2018-08-12 | CVE-2018-3775 | Improper Authentication vulnerability in Nextcloud Server Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication. | 8.8 |
| 2018-08-10 | CVE-2018-14782 | Improper Authentication vulnerability in Netcommwireless Nwl-25 Firmware 2.0.29.11 NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. | 7.5 |
| 2018-08-10 | CVE-2018-10630 | Improper Authentication vulnerability in Crestron MC3 Firmware and Tsw-X60 Firmware For Crestron TSW-X60 version prior to 2.001.0037.001 and MC3 version prior to 1.502.0047.001, The devices are shipped with authentication disabled, and there is no indication to users that they need to take steps to enable it. | 9.8 |
| 2018-08-06 | CVE-2018-7069 | Improper Authentication vulnerability in HP Centralview Fraud Risk Management HPE has identified a remote unauthenticated access to files vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. | 7.5 |
| 2018-08-06 | CVE-2018-7058 | Improper Authentication vulnerability in HP Aruba Clearpass Policy Manager Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. | 9.8 |
| 2018-08-01 | CVE-2016-8609 | Improper Authentication vulnerability in Redhat Keycloak It was found that the keycloak before 2.3.0 did not implement authentication flow correctly. | 8.1 |
| 2018-07-31 | CVE-2018-10603 | Improper Authentication vulnerability in Martem Telem-Gw6 Firmware and Telem-Gwm Firmware Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process. | 9.8 |
| 2018-07-31 | CVE-2018-7947 | Improper Authentication vulnerability in Huawei Emily-Al00A Firmware Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. | 3.9 |
| 2018-07-31 | CVE-2018-1638 | Improper Authentication vulnerability in IBM API Connect IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal does not enforce Two Factor Authentication (TFA) while resetting a user password but enforces it for all other login scenarios. | 8.1 |