Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-02 | CVE-2017-6062 | Improper Authentication vulnerability in Openidc MOD Auth Openidc The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.5 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "OIDCUnAuthAction pass" configuration, which allows remote attackers to bypass authentication via crafted HTTP traffic. | 8.6 |
| 2017-02-27 | CVE-2017-6343 | Improper Authentication vulnerability in Dahuasecurity Camera Firmware, NVR Firmware and Smartpss Firmware The web interface on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 allows remote attackers to obtain login access by leveraging knowledge of the MD5 Admin Hash without knowledge of the corresponding password, a different vulnerability than CVE-2013-6117. | 8.1 |
| 2017-02-15 | CVE-2016-1888 | Improper Authentication vulnerability in Freebsd The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows remote attackers to inject arguments to login and bypass authentication via vectors involving a "sequence of memory allocation failures." | 7.5 |
| 2017-02-13 | CVE-2017-5152 | Improper Authentication vulnerability in Advantech Webaccess 8.1 An issue was discovered in Advantech WebAccess Version 8.1. | 9.1 |
| 2017-02-13 | CVE-2016-9369 | Improper Authentication vulnerability in Moxa products An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. | 9.8 |
| 2017-02-13 | CVE-2016-9362 | Improper Authentication vulnerability in Wago products An issue was discovered in WAGO 750-8202/PFC200 prior to FW04 (released August 2015), WAGO 750-881 prior to FW09 (released August 2016), and WAGO 0758-0874-0000-0111. | 9.1 |
| 2017-02-13 | CVE-2016-9361 | Improper Authentication vulnerability in Moxa products An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. | 9.8 |
| 2017-02-13 | CVE-2016-8362 | Improper Authentication vulnerability in Moxa products An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, and AWK-5222/6222 Series. | 6.5 |
| 2017-02-13 | CVE-2016-8347 | Improper Authentication vulnerability in Kabona AB Webdatorcentral An issue was discovered in Kabona AB WebDatorCentral (WDC) application prior to Version 3.4.0. | 9.8 |
| 2017-02-08 | CVE-2017-2765 | Improper Authentication vulnerability in EMC Isilon Insightiq EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 is affected by an authentication bypass vulnerability that could potentially be exploited by attackers to compromise the affected system. | 9.8 |