Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-17 | CVE-2017-9625 | Improper Authentication vulnerability in Envitech Envidas Ultimate 1.0.0.4 An Improper Authentication issue was discovered in Envitech EnviDAS Ultimate Versions prior to v1.0.0.5. | 8.2 |
| 2017-10-16 | CVE-2017-15297 | Improper Authentication vulnerability in SAP Host Agent 7.21 SAP Hostcontrol does not require authentication for the SOAP SAPControl endpoint. | 7.5 |
| 2017-10-16 | CVE-2017-15295 | Improper Authentication vulnerability in SAP Point of Sale Xpress Server 1020/1030 Xpress Server in SAP POS does not require authentication for read/write/delete file access. | 9.8 |
| 2017-10-16 | CVE-2017-15293 | Improper Authentication vulnerability in SAP Point of Sale Xpress Server 1020/1030 Xpress Server in SAP POS does not require authentication for file read and erase operations, daemon shutdown, terminal read operations, or certain attacks on credentials. | 9.8 |
| 2017-10-13 | CVE-2017-10623 | Improper Authentication vulnerability in Juniper Junos Space Lack of authentication and authorization of cluster messages in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to intercept, inject or disrupt Junos Space cluster operations between two nodes. | 8.1 |
| 2017-10-13 | CVE-2017-10622 | Improper Authentication vulnerability in Juniper Junos Space 16.1/17.1 An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. | 9.8 |
| 2017-10-13 | CVE-2016-5791 | Improper Authentication vulnerability in Jantek Jtc-200 Firmware An Improper Authentication issue was discovered in JanTek JTC-200, all versions. | 9.8 |
| 2017-10-11 | CVE-2017-5791 | Improper Authentication vulnerability in HP Intelligent Management Center Plat 7.2 The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI. | 9.8 |
| 2017-10-11 | CVE-2017-14003 | Improper Authentication vulnerability in Lavalink Ether-Serial Link Firmware 6.01.00/29.03.2007 An Authentication Bypass by Spoofing issue was discovered in LAVA Ether-Serial Link (ESL) running firmware versions 6.01.00/29.03.2007 and prior versions. | 9.8 |
| 2017-10-09 | CVE-2017-14972 | Improper Authentication vulnerability in Infocus Mondopad 2.2.08 InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file. | 7.5 |