Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-11 | CVE-2018-6617 | Improper Authentication vulnerability in Ehcp Easy Hosting Control Panel 0.37.12.B Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a local MySQL server, allows attackers to change passwords of arbitrary database users by leveraging failure to ask for the current password. | 7.8 |
| 2018-05-10 | CVE-2018-7941 | Improper Authentication vulnerability in Huawei products Huawei iBMC V200R002C60 have an authentication bypass vulnerability. | 8.8 |
| 2018-05-10 | CVE-2018-7940 | Improper Authentication vulnerability in Huawei Mate 9 Firmware and Mate 9 PRO Firmware Huawei smart phones Mate 10 and Mate 10 Pro with earlier versions than 8.0.0.129(SP2C00) and earlier versions than 8.0.0.129(SP2C01) have an authentication bypass vulnerability. | 6.2 |
| 2018-05-09 | CVE-2018-6020 | Improper Authentication vulnerability in Silextechnology products In Silex SX-500 all versions and GE MobileLink(GEH-500) version 1.54 and prior, authentication is not verified when making certain POST requests, which may allow attackers to modify system settings. | 6.5 |
| 2018-05-09 | CVE-2018-10683 | Improper Authentication vulnerability in Redhat Wildfly 10.1.2 An issue was discovered in WildFly 10.1.2.Final. | 9.8 |
| 2018-05-09 | CVE-2018-10682 | Improper Authentication vulnerability in Wildfly 10.1.2 An issue was discovered in WildFly 10.1.2.Final. | 9.8 |
| 2018-05-04 | CVE-2017-3775 | Improper Authentication vulnerability in Lenovo products Some Lenovo System x server BIOS/UEFI versions, when Secure Boot mode is enabled by a system administrator, do not properly authenticate signed code before booting it. | 6.4 |
| 2018-05-04 | CVE-2018-10641 | Improper Authentication vulnerability in Dlink Dir-601 Firmware 1.02Na D-Link DIR-601 A1 1.02NA devices do not require the old password for a password change, which occurs in cleartext. | 8.1 |
| 2018-05-04 | CVE-2018-10561 | Improper Authentication vulnerability in Dasannetworks Gpon Router Firmware An issue was discovered on Dasan GPON home routers. | 9.8 |
| 2018-05-02 | CVE-2018-0247 | Improper Authentication vulnerability in Cisco products A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. | 4.7 |