Vulnerabilities > Improper Authentication

DATE | CVE | VULNERABILITY TITLE | RISK

2017-08-04 | CVE-2017-10815 | Improper Authentication vulnerability in Intercom Malion 5.2.1 | 8.1
MaLion for Windows 5.2.1 and earlier (only when "Remote Control" is installed) and MaLion for Mac 4.0.1 to 5.2.1 (only when "Remote Control" is installed) allow remote attackers to bypass authentication to execute arbitrary commands or operations on Terminal Agent.
network, high complexity; intercom; CWE-287

2017-07-31 | CVE-2017-9475 | Improper Authentication vulnerability in Comcast Xfinity Wifi Hotspot | 5.9
Comcast XFINITY WiFi Home Hotspot devices allow remote attackers to spoof the identities of Comcast customers via a forged MAC address.
network, high complexity; comcast; CWE-287

2017-07-28 | CVE-2017-11645 | Improper Authentication vulnerability in Netcomm 4Gt101W Bootloader and 4Gt101W Software | critical 9.8
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or system_config.html.
network, low complexity; netcomm; CWE-287

2017-07-22 | CVE-2017-2126 | Improper Authentication vulnerability in Buffalo Wapm-1166D Firmware and Wapm-Apg600H Firmware | critical 9.8
WAPM-1166D firmware Ver.1.2.7 and earlier and WAPM-APG600H firmware Ver.1.16.1 and earlier allow remote attackers to bypass authentication and access the configuration interface via unspecified vectors.
network, low complexity; buffalo; CWE-287

2017-07-20 | CVE-2017-6530 | Improper Authentication vulnerability in Televes Coaxdata Gateway 1Gbps Firmware 1.02.00144.20 | critical 9.8
Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 do not check password.shtml authorization, leading to Arbitrary password change.
network, low complexity; televes; CWE-287

2017-07-17 | CVE-2017-8006 | Improper Authentication vulnerability in EMC RSA Authentication Manager | 5.9
In EMC RSA Authentication Manager 8.2 SP1 Patch 1 and earlier, a malicious user logged into the Self-Service Console of RSA Authentication Manager as a target user can use a brute force attack to attempt to identify that user's PIN.
network, high complexity; emc; CWE-287

2017-07-17 | CVE-2017-2341 | Improper Authentication vulnerability in Juniper Junos | 8.8
An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges.
local, low complexity; juniper; CWE-287

2017-07-17 | CVE-2017-10601 | Improper Authentication vulnerability in Juniper Junos | critical 9.8
A specific device configuration can result in a commit failure condition.
network, low complexity; juniper; CWE-287

2017-07-17 | CVE-2017-1000071 | Improper Authentication vulnerability in Apereo PHPcas 1.3.4 | 8.1
Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server.
network, high complexity; apereo; CWE-287

2017-07-17 | CVE-2017-1000068 | Improper Authentication vulnerability in Betterment Testtrack 1.0 | 7.5
TestTrack Server versions 1.0 and earlier are vulnerable to an authentication flaw in the split disablement feature resulting in the ability to disable arbitrary running splits and cause denial of service to clients in the field.
network, low complexity; betterment; CWE-287