Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-03 | CVE-2023-26150 | Improper Authentication vulnerability in Freeopcua Opcua-Asyncio Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. **Note:** This issue is a result of missing checks for services that require an active session. | 7.5 |
| 2023-10-03 | CVE-2023-42771 | Improper Authentication vulnerability in Furunosystems Acera 1310 Firmware and Acera 1320 Firmware Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent unauthenticated attacker who can access the affected product to download configuration files and/or log files, and upload configuration files and/or firmware. | 8.8 |
| 2023-09-27 | CVE-2023-20252 | Improper Authentication vulnerability in Cisco Catalyst Sd-Wan Manager 20.11.1.2/20.9.3.2 A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an unauthenticated, remote attacker to gain unauthorized access to the application as an arbitrary user. This vulnerability is due to improper authentication checks for SAML APIs. | 9.8 |
| 2023-09-27 | CVE-2023-41904 | Improper Authentication vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass (for AuthToken generation) in REST APIs. | 5.4 |
| 2023-09-20 | CVE-2023-31015 | Improper Authentication vulnerability in Nvidia DGX H100 Firmware NVIDIA DGX H100 BMC contains a vulnerability in the REST service where a host user may cause as improper authentication issue. | 7.8 |
| 2023-09-19 | CVE-2023-4094 | Improper Authentication vulnerability in Fujitsu Arconte Aurea 1.5.0.0 ARCONTE Aurea's authentication system, in its 1.5.0.0 version, could allow an attacker to make incorrect access requests in order to block each legitimate account and cause a denial of service. | 8.2 |
| 2023-09-19 | CVE-2023-0773 | Improper Authentication vulnerability in Uniview Ipc322Lb-Sf28-A Firmware The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. | 9.8 |
| 2023-09-15 | CVE-2023-0813 | Improper Authentication vulnerability in Redhat Network Observability 1.0 A flaw was found in the Network Observability plugin for OpenShift console. | 7.5 |
| 2023-09-15 | CVE-2023-41900 | Improper Authentication vulnerability in multiple products Jetty is a Java based web server and servlet engine. | 4.3 |
| 2023-09-15 | CVE-2023-42442 | Improper Authentication vulnerability in Fit2Cloud Jumpserver JumpServer is an open source bastion host and a professional operation and maintenance security audit system. | 5.3 |