Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-09 | CVE-2018-7227 | Improper Authentication vulnerability in Schneider-Electric products A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow retrieving of specially crafted URLs without authentication that can reveal sensitive information to an attacker. | 5.3 |
| 2018-03-08 | CVE-2018-1443 | Improper Authentication vulnerability in IBM products An XML parsing vulnerability affects IBM SAML-based single sign-on (SSO) systems (IBM Security Access Manager 9.0.0 - 9.0.4 and IBM Tivoli Federated Identity Manager 6.2 - 6.0.2.) This vulnerability can allow an attacker with authenticated access to trick SAML systems into authenticating as a different user without knowledge of the victim users password. | 5.9 |
| 2018-03-08 | CVE-2017-7638 | Improper Authentication vulnerability in Qnap Media Streaming Add-On QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not authenticate requests properly. | 6.5 |
| 2018-03-08 | CVE-2018-0087 | Improper Authentication vulnerability in Cisco Asyncos 10.5.1296 A vulnerability in the FTP server of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to log in to the FTP server of the device without a valid password. | 5.6 |
| 2018-03-07 | CVE-2018-7745 | Improper Authentication vulnerability in Cobub Razor 0.7.2 An issue was discovered in Western Bridge Cobub Razor 0.7.2. | 7.5 |
| 2018-03-06 | CVE-2018-1343 | Improper Authentication vulnerability in Netiq Privileged Account Manager PAM exposure enabling unauthenticated access to remote host | 9.8 |
| 2018-03-06 | CVE-2017-15519 | Improper Authentication vulnerability in Netapp Snapcenter Server 2.0/3.0/3.0.1 Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. | 7.2 |
| 2018-03-05 | CVE-2018-5455 | Improper Authentication vulnerability in Moxa products A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. | 9.8 |
| 2018-03-02 | CVE-2017-9285 | Improper Authentication vulnerability in multiple products NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services. | 9.8 |
| 2018-03-02 | CVE-2017-5189 | Improper Authentication vulnerability in Netiq Imanager NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance. | 7.5 |