Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2017-08-22 CVE-2016-2102 Improper Authentication vulnerability in Haproxy
HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network.
network
low complexity
haproxy CWE-287
5.3
2017-08-21 CVE-2017-7420 Improper Authentication vulnerability in Microfocus products
An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to view and alter configuration information and alter the state of the running product (CWE-275).
network
low complexity
microfocus CWE-287
critical
9.8
2017-08-18 CVE-2015-4464 Improper Authentication vulnerability in Kguardsecurity Kg-Sha104 Firmware and Kg-Sha108 Firmware
Kguard Digital Video Recorder 104, 108, v2 does not have any authorization or authentication between an ActiveX client and the application server.
network
low complexity
kguardsecurity CWE-287
critical
9.8
2017-08-17 CVE-2017-6781 Improper Authentication vulnerability in Cisco Policy Suite
A vulnerability in the management of shell user accounts for Cisco Policy Suite (CPS) Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affected system.
local
low complexity
cisco CWE-287
5.3
2017-08-16 CVE-2017-7546 Improper Authentication vulnerability in multiple products
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to an incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password.
network
low complexity
postgresql debian CWE-287
critical
9.8
2017-08-09 CVE-2015-6816 Improper Authentication vulnerability in multiple products
ganglia-web before 3.7.1 allows remote attackers to bypass authentication.
network
low complexity
fedoraproject ganglia CWE-287
critical
9.8
2017-08-09 CVE-2017-9370 Improper Authentication vulnerability in Blackberry Workspaces
An information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain access to another user's workspace by making multiple login requests to the server.
network
low complexity
blackberry CWE-287
8.8
2017-08-08 CVE-2012-0803 Improper Authentication vulnerability in Apache CXF 2.4.5/2.5.1
The WS-SP UsernameToken policy in Apache CXF 2.4.5 and 2.5.1 allows remote attackers to bypass authentication by sending an empty UsernameToken as part of a SOAP request.
network
low complexity
apache CWE-287
critical
9.8
2017-08-08 CVE-2017-11151 Improper Authentication vulnerability in Synology Photo Station
A vulnerability in synotheme_upload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to upload arbitrary files without authentication via the logo_upload action.
network
low complexity
synology CWE-287
critical
9.8
2017-08-08 CVE-2017-9939 Improper Authentication vulnerability in Siemens Sipass Integrated 2.65
A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with network access to the SiPass integrated server to bypass the authentication mechanism and perform administrative operations.
network
low complexity
siemens CWE-287
critical
9.8