Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-30 | CVE-2023-44397 | Improper Authentication vulnerability in Fit2Cloud Cloudexplorer Lite CloudExplorer Lite is an open source, lightweight cloud management platform. | 9.8 |
| 2023-10-30 | CVE-2023-21297 | Improper Authentication vulnerability in Google Android In SEPolicy, there is a possible way to access the factory MAC address due to a permissions bypass. | 4.4 |
| 2023-10-30 | CVE-2023-21307 | Improper Authentication vulnerability in Google Android In Bluetooth, there is a possible way for a paired Bluetooth device to access a long term identifier for an Android device due to a permissions bypass. | 5.0 |
| 2023-10-30 | CVE-2023-5844 | Improper Authentication vulnerability in Pimcore Admin Classic Bundle Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0. | 7.2 |
| 2023-10-27 | CVE-2023-35794 | Improper Authentication vulnerability in Cassianetworks Access Controller 2.1.1.2303271039 An issue was discovered in Cassia Access Controller 2.1.1.2303271039. | 8.8 |
| 2023-10-27 | CVE-2023-5830 | Improper Authentication vulnerability in Documentlocator Document Locator A vulnerability classified as critical has been found in ColumbiaSoft Document Locator. | 9.8 |
| 2023-10-27 | CVE-2022-3681 | Improper Authentication vulnerability in Motorola Mr2600 A vulnerability has been identified in the MR2600 router v1.0.18 and earlier that could allow an attacker within range of the wireless network to successfully brute force the WPS pin, potentially allowing them unauthorized access to a wireless network. | 6.5 |
| 2023-10-27 | CVE-2022-34887 | Improper Authentication vulnerability in Lenovo products Standard users can directly operate and set printer configuration information , such as IP, in some Lenovo Printers without having to authenticate with the administrator password. | 5.4 |
| 2023-10-27 | CVE-2023-46290 | Improper Authentication vulnerability in Rockwellautomation Factorytalk Services Platform Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in into FactoryTalk® Services Platform . | 8.1 |
| 2023-10-25 | CVE-2023-27377 | Improper Authentication vulnerability in Idattend Idweb 3.1.013/3.1.052 Missing authentication in the StudentPopupDetails_EmergencyContactDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student data by unauthenticated attackers. | 7.5 |