Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-30 | CVE-2016-10309 | Improper Authentication vulnerability in Ceragon Fibeair Ip-10 Firmware 7.1.0 In the GUI of Ceragon FibeAir IP-10 (before 7.2.0) devices, a remote attacker can bypass authentication by adding an ALBATROSS cookie with the value 0-4-11 to their browser. | 9.8 |
| 2017-03-29 | CVE-2017-2689 | Improper Authentication vulnerability in Siemens Ruggedcom ROX I 2.9.0 Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings. | 8.8 |
| 2017-03-28 | CVE-2016-9463 | Improper Authentication vulnerability in multiple products Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. | 8.1 |
| 2017-03-28 | CVE-2016-9124 | Improper Authentication vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 3.2.3 suffers from Improper Restriction of Excessive Authentication Attempts. | 9.8 |
| 2017-03-27 | CVE-2017-5237 | Improper Authentication vulnerability in Eviewgps Ev-07S GPS Tracker Firmware Due to a lack of authentication, an unauthenticated user who knows the Eview EV-07S GPS Tracker's phone number can revert the device to a factory default configuration with an SMS command, "RESET!" | 7.5 |
| 2017-03-20 | CVE-2016-4926 | Improper Authentication vulnerability in Juniper Junos Space Insufficient authentication vulnerability in Junos Space before 15.2R2 allows remote network based users with access to Junos Space web interface to perform certain administrative tasks without authentication. | 9.8 |
| 2017-03-17 | CVE-2017-3880 | Improper Authentication vulnerability in Cisco Webex Meetings Server An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. | 6.5 |
| 2017-03-17 | CVE-2017-3867 | Improper Authentication vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic. | 5.3 |
| 2017-03-17 | CVE-2017-6967 | Improper Authentication vulnerability in Neutrinolabs Xrdp 0.9.1 xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass. | 7.3 |
| 2017-03-17 | CVE-2017-0100 | Improper Authentication vulnerability in Microsoft products A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows HelpPane Elevation of Privilege Vulnerability." | 7.8 |