Vulnerabilities > Improper Authentication

| Date | CVE | Vulnerability title | Description | Vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2017-01-26 | CVE-2017-3795 | Improper Authentication vulnerability in Cisco Webex Meetings Server 2.6.0 | A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct arbitrary password changes against any non-administrative user. | network | low | cisco | CWE-287 | 5.4 |
| 2017-01-23 | CVE-2016-4484 | Improper Authentication vulnerability in Cryptsetup Project Cryptsetup | The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password. | | low | cryptsetup-project | CWE-287 | 6.8 |
| 2017-01-23 | CVE-2017-5554 | Improper Authentication vulnerability in Oneplus Oxygenos 3.2.8/3.5.4 | An issue was discovered in ABOOT in OnePlus 3 and 3T OxygenOS before 4.0.2. | network | high | oneplus | CWE-287 | 8.1 |
| 2017-01-18 | CVE-2016-7144 | Improper Authentication vulnerability in Unrealircd | The m_authenticate function in modules/m_sasl.c in UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter. | network | high | unrealircd | CWE-287 | 8.1 |
| 2016-12-23 | CVE-2016-6659 | Improper Authentication vulnerability in multiple products | Cloud Foundry before 248; UAA 2.x before 2.7.4.12, 3.x before 3.6.5, and 3.7.x through 3.9.x before 3.9.3; and UAA bosh release (aka uaa-release) before 13.9 for UAA 3.6.5 and before 24 for UAA 3.9.3 allow attackers to gain privileges by accessing UAA logs and subsequently running a specially crafted application that interacts with a configured SAML provider. | network | high | pivotal-software, cloudfoundry | CWE-287 | 8.1 |
| 2016-12-14 | CVE-2016-6474 | Improper Authentication vulnerability in Cisco IOS 15.5(2.25)T | A vulnerability in the implementation of X.509 Version 3 for SSH authentication functionality in Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on an affected system. | network | low | cisco | CWE-287 | 7.3 |
| 2016-12-13 | CVE-2016-4322 | Improper Authentication vulnerability in BMC Bladelogic Server Automation Console 8.7.00 | BMC BladeLogic Server Automation (BSA) before 8.7 Patch 3 allows remote attackers to bypass authentication and consequently read arbitrary files or possibly have unspecified other impact by leveraging a "logic flaw" in the authentication process. | network | low | bmc | CWE-287 | critical, 9.8 |
| 2016-11-30 | CVE-2016-2944 | Improper Authentication vulnerability in IBM Bigfix Remote Control 9.1.2 | IBM BigFix Remote Control before 9.1.3 does not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach. | network | low | ibm | CWE-287 | critical, 9.8 |
| 2016-11-03 | CVE-2016-6452 | Improper Authentication vulnerability in Cisco Prime Home 5.0Base/5.1Base/5.2.0 | A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication. | network | low | cisco | CWE-287 | critical, 9.8 |
| 2016-10-28 | CVE-2016-6397 | Improper Authentication vulnerability in Cisco IP Interoperability and Collaboration System | A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to become unavailable. | network | low | cisco | CWE-287 | critical, 9.8 |