Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-12 | CVE-2023-29463 | Improper Authentication vulnerability in Rockwellautomation Pavilion8 The JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. | 5.4 |
| 2023-09-11 | CVE-2023-39069 | Improper Authentication vulnerability in Strangebee Cortex and Thehive An issue in StrangeBee TheHive v.5.0.8, v.4.1.21 and Cortex v.3.1.6 allows a remote attacker to gain privileges via Active Directory authentication mechanism. | 9.8 |
| 2023-09-11 | CVE-2023-4816 | Improper Authentication vulnerability in Hitachienergy Asset Suite A vulnerability exists in the Equipment Tag Out authentication, when configured with Single Sign-On (SSO) with password validation in T214. | 8.8 |
| 2023-09-08 | CVE-2021-27715 | Improper Authentication vulnerability in Mofinetwork Mofi4500-4Gxelte-V2 Firmware 3.5.6Xnet5052 An issue was discovered in MoFi Network MOFI4500-4GXeLTE-V2 3.5.6-xnet-5052 allows attackers to bypass the authentication and execute arbitrary code via crafted HTTP request. | 9.8 |
| 2023-09-06 | CVE-2023-4498 | Improper Authentication vulnerability in Tenda N300 Firmware 53.0.1.6 Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only | 5.3 |
| 2023-09-06 | CVE-2023-37284 | Improper Authentication vulnerability in Tp-Link Archer C20 Firmware 150707 Improper authentication vulnerability in Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616' allows a network-adjacent unauthenticated attacker to execute an arbitrary OS command via a crafted request to bypass authentication. | 8.8 |
| 2023-09-06 | CVE-2023-30708 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status. | 7.5 |
| 2023-09-06 | CVE-2023-30724 | Improper Authentication vulnerability in Samsung Gallery Improper authentication in GallerySearchProvider of Gallery prior to version 14.5.01.2 allows attacker to access search history. | 3.3 |
| 2023-09-06 | CVE-2023-30725 | Improper Authentication vulnerability in Samsung Gallery Improper authentication in LocalProvier of Gallery prior to version 14.5.01.2 allows attacker to access the data in content provider. | 5.5 |
| 2023-09-05 | CVE-2023-31242 | Improper Authentication vulnerability in Openautomationsoftware OAS Platform 18.00.0072 An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. | 9.8 |