Vulnerabilities > Improper Authentication
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-05 | CVE-2016-8937 | Improper Authentication vulnerability in IBM Tivoli Storage Manager: The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) default authentication protocol is vulnerable to a brute force attack due to disclosing too much information during authentication. | 9.8 |
2017-10-05 | CVE-2017-14000 | Improper Authentication vulnerability in Ctekproducts Skyrouter Z4200 Firmware and Skyrouter Z4400 Firmware: An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. | 9.4 |
2017-10-05 | CVE-2017-13995 | Improper Authentication vulnerability in Spidercontrol Ininet Webserver: An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. | 10.0 |
2017-10-05 | CVE-2017-1000110 | Improper Authentication vulnerability in Jenkins Blue Ocean: Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. | 4.3 |
2017-10-05 | CVE-2017-1000106 | Improper Authentication vulnerability in Jenkins Blue Ocean: Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. | 8.5 |
2017-10-04 | CVE-2017-12819 | Improper Authentication vulnerability in Sentinel LDK RTE Firmware 7.50: Remote manipulations with language pack updater lead to NTLM-relay attack for system user in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55. | 9.8 |
2017-09-30 | CVE-2017-13984 | Improper Authentication vulnerability in HP BSM Platform Application Performance Management System Health 9.26/9.30/9.40: An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to delete arbitrary files via servlet directory traversal. | 6.5 |
2017-09-30 | CVE-2017-13983 | Improper Authentication vulnerability in HP BSM Platform Application Performance Management System Health 9.26/9.30/9.40: An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to bypass authentication. | 9.8 |
2017-09-29 | CVE-2017-12236 | Improper Authentication vulnerability in Cisco IOS XE 16.5.1C/3.2.0Ja/3.9.1E: A vulnerability in the implementation of the Locator/ID Separation Protocol (LISP) in Cisco IOS XE 3.2 through 16.5 could allow an unauthenticated, remote attacker using an x tunnel router to bypass authentication checks performed when registering an Endpoint Identifier (EID) to a Routing Locator (RLOC) in the map server/map resolver (MS/MR). | 9.8 |
2017-09-29 | CVE-2017-12229 | Improper Authentication vulnerability in Cisco IOS XE: A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 through 16.5 could allow an unauthenticated, remote attacker to bypass authentication to the REST API of the web UI of the affected software. | 9.8 |