Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-10 | CVE-2018-14782 | Improper Authentication vulnerability in Netcommwireless Nwl-25 Firmware 2.0.29.11 NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. | 7.5 |
| 2018-08-10 | CVE-2018-10630 | Improper Authentication vulnerability in Crestron MC3 Firmware and Tsw-X60 Firmware For Crestron TSW-X60 version prior to 2.001.0037.001 and MC3 version prior to 1.502.0047.001, The devices are shipped with authentication disabled, and there is no indication to users that they need to take steps to enable it. | 9.8 |
| 2018-08-06 | CVE-2018-7069 | Improper Authentication vulnerability in HP Centralview Fraud Risk Management HPE has identified a remote unauthenticated access to files vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. | 7.5 |
| 2018-08-06 | CVE-2018-7058 | Improper Authentication vulnerability in HP Aruba Clearpass Policy Manager Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. | 9.8 |
| 2018-08-01 | CVE-2016-8609 | Improper Authentication vulnerability in Redhat Keycloak It was found that the keycloak before 2.3.0 did not implement authentication flow correctly. | 8.1 |
| 2018-07-31 | CVE-2018-10603 | Improper Authentication vulnerability in Martem Telem-Gw6 Firmware and Telem-Gwm Firmware Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process. | 9.8 |
| 2018-07-31 | CVE-2018-7947 | Improper Authentication vulnerability in Huawei Emily-Al00A Firmware Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. | 3.9 |
| 2018-07-31 | CVE-2018-1638 | Improper Authentication vulnerability in IBM API Connect IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal does not enforce Two Factor Authentication (TFA) while resetting a user password but enforces it for all other login scenarios. | 8.1 |
| 2018-07-30 | CVE-2018-10847 | Improper Authentication vulnerability in Prosody prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authentication Bypass. | 8.8 |
| 2018-07-27 | CVE-2017-2652 | Improper Authentication vulnerability in Jenkins Distributed Fork It was found that there were no permission checks performed in the Distributed Fork plugin before and including 1.5.0 for Jenkins that provides the dist-fork CLI command beyond the basic check for Overall/Read permission, allowing anyone with that permission to run arbitrary shell commands on all connected nodes. | 8.8 |