Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-01 | CVE-2023-5326 | Improper Authentication vulnerability in Sato Cl4Nx-J Plus Firmware 1.13.2U455R2 A vulnerability was found in SATO CL4NX-J Plus 1.13.2-u455_r2. | 8.8 |
| 2023-09-27 | CVE-2023-20252 | Improper Authentication vulnerability in Cisco Catalyst Sd-Wan Manager 20.11.1.2/20.9.3.2 A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an unauthenticated, remote attacker to gain unauthorized access to the application as an arbitrary user. This vulnerability is due to improper authentication checks for SAML APIs. | 9.8 |
| 2023-09-27 | CVE-2023-41904 | Improper Authentication vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass (for AuthToken generation) in REST APIs. | 5.4 |
| 2023-09-20 | CVE-2023-31015 | Improper Authentication vulnerability in Nvidia DGX H100 Firmware NVIDIA DGX H100 BMC contains a vulnerability in the REST service where a host user may cause as improper authentication issue. | 7.8 |
| 2023-09-19 | CVE-2023-4094 | Improper Authentication vulnerability in Fujitsu Arconte Aurea 1.5.0.0 ARCONTE Aurea's authentication system, in its 1.5.0.0 version, could allow an attacker to make incorrect access requests in order to block each legitimate account and cause a denial of service. | 8.2 |
| 2023-09-19 | CVE-2023-0773 | Improper Authentication vulnerability in Uniview Ipc322Lb-Sf28-A Firmware The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. | 9.8 |
| 2023-09-15 | CVE-2023-0813 | Improper Authentication vulnerability in Redhat Network Observability 1.0 A flaw was found in the Network Observability plugin for OpenShift console. | 7.5 |
| 2023-09-15 | CVE-2023-41900 | Improper Authentication vulnerability in multiple products Jetty is a Java based web server and servlet engine. | 4.3 |
| 2023-09-15 | CVE-2023-42442 | Improper Authentication vulnerability in Fit2Cloud Jumpserver JumpServer is an open source bastion host and a professional operation and maintenance security audit system. | 5.3 |
| 2023-09-15 | CVE-2022-47848 | Improper Authentication vulnerability in Bezeq Vtech Iad604-Il Firmware and Vtech Nb403-Il Firmware An issue was discovered in Bezeq Vtech NB403-IL version BZ_2.02.07.09.13.01 and Vtech IAD604-IL versions BZ_2.02.07.09.13.01, BZ_2.02.07.09.13T, and BZ_2.02.07.09.09T, allows remote attackers to gain sensitive information via rootDesc.xml page of the UPnP service. | 7.5 |