Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-15 | CVE-2017-12549 | Improper Authentication vulnerability in HP System Management Homepage A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found. | 5.6 |
| 2018-02-15 | CVE-2011-4973 | Improper Authentication vulnerability in MOD NSS Project MOD NSS 1.0.8 Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password. | 9.8 |
| 2018-02-15 | CVE-2017-17161 | Improper Authentication vulnerability in Huawei Duke-L09 Firmware The 'Find Phone' function in some Huawei smart phones with software earlier than Duke-L09C10B186 versions, earlier than Duke-L09C432B187 versions, earlier than Duke-L09C636B186 versions has an authentication bypass vulnerability. | 6.8 |
| 2018-02-15 | CVE-2017-15351 | Improper Authentication vulnerability in Huawei Honor V9 Play Firmware Jimmyal00Ac00B135 The 'Find Phone' function in Huawei Honor V9 play smart phones with versions earlier than Jimmy-AL00AC00B135 has an authentication bypass vulnerability. | 6.8 |
| 2018-02-14 | CVE-2018-7034 | Improper Authentication vulnerability in Trendnet products TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 devices allow authentication bypass via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php. | 7.5 |
| 2018-02-13 | CVE-2018-5459 | Improper Authentication vulnerability in Wago Pfc200 Firmware An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. | 9.8 |
| 2018-02-12 | CVE-2017-18179 | Improper Authentication vulnerability in Progress Sitefinity 9.1 Progress Sitefinity 9.1 uses wrap_access_token as a non-expiring authentication token that remains valid after a password change or a session termination. | 8.8 |
| 2018-02-09 | CVE-2018-3601 | Improper Authentication vulnerability in Trendmicro Control Manager 6.0 A password hash usage authentication bypass vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to bypass authentication on vulnerable installations. | 9.8 |
| 2018-02-09 | CVE-2017-0911 | Improper Authentication vulnerability in Twitter KIT Twitter Kit for iOS versions 3.0 to 3.2.1 is vulnerable to a callback verification flaw in the "Login with Twitter" component allowing an attacker to provide alternate credentials. | 5.4 |
| 2018-02-08 | CVE-2018-6180 | Improper Authentication vulnerability in Themashabrand Online Voting Platform 1.0 A flaw in the profile section of Online Voting System 1.0 allows an unauthenticated user to set an arbitrary password for other accounts. | 9.8 |