Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-13 | CVE-2023-39380 | Improper Authentication vulnerability in Huawei Emui and Harmonyos Permission control vulnerability in the audio module. | 7.5 |
| 2023-08-11 | CVE-2023-40253 | Improper Authentication vulnerability in Genians Genian NAC and Genian Ztna Improper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Authentication Abuse.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | 9.8 |
| 2023-08-11 | CVE-2023-40260 | Improper Authentication vulnerability in Empowerid 7.205.0.0 EmpowerID before 7.205.0.1 allows an attacker to bypass an MFA (multi factor authentication) requirement if the first factor (username and password) is known, because the first factor is sufficient to change an account's email address, and the product would then send MFA codes to the new email address (which may be attacker-controlled). | 9.1 |
| 2023-08-08 | CVE-2023-21626 | Improper Authentication vulnerability in Qualcomm products Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. | 7.1 |
| 2023-08-07 | CVE-2023-32090 | Improper Authentication vulnerability in Pega Platform Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentials | 9.8 |
| 2023-08-04 | CVE-2023-0264 | Improper Authentication vulnerability in Redhat products A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. | 5.0 |
| 2023-08-04 | CVE-2023-38691 | Improper Authentication vulnerability in Matrix Matrix-Appservice-Bridge matrix-appservice-bridge provides an API for setting up bridges. | 6.5 |
| 2023-08-04 | CVE-2023-39112 | Improper Authentication vulnerability in Shopex Ecshop 4.1.16 ECShop v4.1.16 contains an arbitrary file deletion vulnerability in the Admin Panel. | 6.5 |
| 2023-08-03 | CVE-2023-20214 | Improper Authentication vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to gain read permissions or limited write permissions to the configuration of an affected Cisco SD-WAN vManage instance. This vulnerability is due to insufficient request validation when using the REST API feature. | 9.1 |
| 2023-08-03 | CVE-2023-33363 | Improper Authentication vulnerability in Supremainc Biostar 2 An authentication bypass vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated users to access some functionality on BioStar 2 servers. | 7.5 |