Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2023-06-13 CVE-2023-2638 Improper Authentication vulnerability in Rockwellautomation products
Rockwell Automation's FactoryTalk System Services does not verify that a backup configuration archive is password protected. Improper authorization in FTSSBackupRestore.exe may lead to the loading of malicious configuration archives. This vulnerability may allow a local, authenticated non-admin user to craft a malicious backup archive, without password protection, that will be loaded by FactoryTalk System Services as a valid backup when a restore procedure takes place.
local
low complexity
rockwellautomation CWE-287
5.0
2023-06-13 CVE-2023-30762 Improper Authentication vulnerability in Kbdevice products
Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series.
network
low complexity
kbdevice CWE-287
critical
9.8
2023-06-13 CVE-2023-29129 Improper Authentication vulnerability in Mendix Saml
A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.17.3 < V1.18.0), Mendix SAML (Mendix 7 compatible) (All versions >= V1.16.4 < V1.17.3), Mendix SAML (Mendix 8 compatible) (All versions >= V2.3.0 < V2.4.0), Mendix SAML (Mendix 8 compatible) (All versions >= V2.2.0 < V2.3.0), Mendix SAML (Mendix 9 latest compatible, New Track) (All versions >= V3.3.1 < V3.6.1), Mendix SAML (Mendix 9 latest compatible, New Track) (All versions >= V3.1.9 < V3.3.1), Mendix SAML (Mendix 9 latest compatible, Upgrade Track) (All versions >= V3.3.0 < V3.6.0), Mendix SAML (Mendix 9 latest compatible, Upgrade Track) (All versions >= V3.1.8 < V3.3.0), Mendix SAML (Mendix 9.12/9.18 compatible, New Track) (All versions >= V3.3.1 < V3.3.15), Mendix SAML (Mendix 9.12/9.18 compatible, Upgrade Track) (All versions >= V3.3.0 < V3.3.14), Mendix SAML (Mendix 9.6 compatible, New Track) (All versions >= V3.1.9 < V3.2.7), Mendix SAML (Mendix 9.6 compatible, Upgrade Track) (All versions >= V3.1.8 < V3.2.6).
network
low complexity
mendix CWE-287
critical
9.8
2023-06-12 CVE-2023-32220 Improper Authentication vulnerability in Milesight Ncr/Camera Firmware 71.8.0.6R5
Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method.
network
low complexity
milesight CWE-287
critical
9.8
2023-06-07 CVE-2023-33553 Improper Authentication vulnerability in Planet Wdrt-1800Ax Firmware 1.01Cp21
An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation of the LoginStatus cookie.
network
low complexity
planet CWE-287
critical
9.8
2023-06-06 CVE-2022-40521 Improper Authentication vulnerability in Qualcomm products
Transient DOS due to improper authorization in Modem
network
low complexity
qualcomm CWE-287
7.5
2023-06-06 CVE-2022-40536 Improper Authentication vulnerability in Qualcomm products
Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network.
network
low complexity
qualcomm CWE-287
7.5
2023-06-05 CVE-2023-3065 Improper Authentication vulnerability in Mobatime Amxgt 100 1.3.20
Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows Authentication Bypass. This issue affects Mobatime mobile application AMXGT100 through 1.3.20.
network
low complexity
mobatime CWE-287
critical
9.1
2023-06-02 CVE-2023-3069 Improper Authentication vulnerability in Corebos 5.4/5.5/7.0
Unverified Password Change in GitHub repository tsolucio/corebos prior to 8.
network
low complexity
corebos CWE-287
critical
9.8
2023-06-01 CVE-2023-3028 Improper Authentication vulnerability in Hopechart Hqt401 Firmware 201808021036
Insufficient authentication in the MQTT backend (broker) allows an attacker to access and even manipulate the telemetry data of the entire fleet of vehicles using the HopeChart HQT-401 telematics unit.
network
low complexity
hopechart CWE-287
critical
9.8