Vulnerabilities > Improper Authentication
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2017-10-09 | CVE-2017-14972 | Improper Authentication vulnerability in Infocus Mondopad 2.2.08 | InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file. | 7.5 |
2017-10-05 | CVE-2016-8937 | Improper Authentication vulnerability in IBM Tivoli Storage Manager | The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) default authentication protocol is vulnerable to a brute force attack due to disclosing too much information during authentication. | 9.8 |
2017-10-05 | CVE-2017-14000 | Improper Authentication vulnerability in Ctekproducts Skyrouter Z4200 Firmware and Skyrouter Z4400 Firmware | An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. | 9.4 |
2017-10-05 | CVE-2017-13995 | Improper Authentication vulnerability in Spidercontrol Ininet Webserver | An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. | 10.0 |
2017-10-05 | CVE-2017-1000110 | Improper Authentication vulnerability in Jenkins Blue Ocean | Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. | 4.3 |
2017-10-05 | CVE-2017-1000106 | Improper Authentication vulnerability in Jenkins Blue Ocean | Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. | 8.5 |
2017-10-04 | CVE-2017-12819 | Improper Authentication vulnerability in Sentinel LDK RTE Firmware 7.50 | Remote manipulations with language pack updater lead to NTLM-relay attack for system user in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55. | 9.8 |
2017-09-30 | CVE-2017-13984 | Improper Authentication vulnerability in HP BSM Platform Application Performance Management System Health 9.26/9.30/9.40 | An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to delete arbitrary files via servlet directory traversal. | 6.5 |
2017-09-30 | CVE-2017-13983 | Improper Authentication vulnerability in HP BSM Platform Application Performance Management System Health 9.26/9.30/9.40 | An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to bypass authentication. | 9.8 |
2017-09-29 | CVE-2017-12236 | Improper Authentication vulnerability in Cisco IOS XE 16.5.1C/3.2.0Ja/3.9.1E | A vulnerability in the implementation of the Locator/ID Separation Protocol (LISP) in Cisco IOS XE 3.2 through 16.5 could allow an unauthenticated, remote attacker using an x tunnel router to bypass authentication checks performed when registering an Endpoint Identifier (EID) to a Routing Locator (RLOC) in the map server/map resolver (MS/MR). | 9.8 |