Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-30 | CVE-2018-17431 | Improper Authentication vulnerability in Comodo Unified Threat Management Firewall 1.5.0 Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL. | 9.8 |
| 2019-01-29 | CVE-2018-1668 | Improper Authentication vulnerability in IBM Datapower Gateway IBM DataPower Gateway 7.5.0.0 through 7.5.0.19, 7.5.1.0 through 7.5.1.18, 7.5.2.0 through 7.5.2.18, and 7.6.0.0 through 7.6.0.11 appliances allows "null" logins which could give read access to IPMI data to obtain sensitive information. | 7.5 |
| 2019-01-25 | CVE-2018-19023 | Improper Authentication vulnerability in Hetronic products Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. | 8.8 |
| 2019-01-23 | CVE-2019-3584 | Improper Authentication vulnerability in Mcafee Mvision Endpoint Exploitation of Authentication vulnerability in MVision Endpoint in McAfee MVision Endpoint Prior to 1811 Update 1 (18.11.31.62) allows authenticated administrator users --> administrators to Remove MVision Endpoint via unspecified vectors. | 6.0 |
| 2019-01-17 | CVE-2018-20735 | Improper Authentication vulnerability in BMC Patrol Agent An issue was discovered in BMC PATROL Agent through 11.3.01. | 7.8 |
| 2019-01-16 | CVE-2018-18814 | Improper Authentication vulnerability in Tibco products The TIBCO Spotfire authentication component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains a vulnerability in the handling of the authentication that theoretically may allow an attacker to gain full access to a target account, independent of configured authentication mechanisms. | 9.8 |
| 2019-01-14 | CVE-2018-16886 | Improper Authentication vulnerability in multiple products etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. | 8.1 |
| 2019-01-11 | CVE-2017-13889 | Improper Authentication vulnerability in Apple mac OS X 10.13.0/10.13.1/10.13.2 In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a logic error existed in the validation of credentials. | 9.8 |
| 2019-01-10 | CVE-2018-5403 | Improper Authentication vulnerability in Imperva Securesphere 13.0.10/13.1.10/13.2.10 Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface. | 8.1 |
| 2019-01-09 | CVE-2018-0676 | Improper Authentication vulnerability in Panasonic Bn-Sdwbp3 Firmware 1.0.9 BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to bypass authentication to access to the management screen and execute an arbitrary command via unspecified vectors. | 8.8 |