Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2023-06-19 CVE-2022-48494 Improper Authentication vulnerability in Huawei Emui
Vulnerability of lax app identity verification in the pre-authorization function. Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized.
network
low complexity
huawei CWE-287
7.5
2023-06-19 CVE-2022-48496 Improper Authentication vulnerability in Huawei Emui
Vulnerability of lax app identity verification in the pre-authorization function. Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized.
network
low complexity
huawei CWE-287
7.5
2023-06-16 CVE-2023-30223 Improper Authentication vulnerability in 4D Server 17/18/19
A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions.
network
low complexity
4d CWE-287
7.5
2023-06-14 CVE-2023-34367 Improper Authentication vulnerability in Microsoft Windows 7
Windows 7 is vulnerable to a full blind TCP/IP hijacking attack.
network
low complexity
microsoft CWE-287
6.5
2023-06-13 CVE-2023-2638 Improper Authentication vulnerability in Rockwellautomation products
Rockwell Automation's FactoryTalk System Services does not verify that a backup configuration archive is password protected. Improper authorization in FTSSBackupRestore.exe may lead to the loading of malicious configuration archives. This vulnerability may allow a local, authenticated non-admin user to craft a malicious backup archive, without password protection, that will be loaded by FactoryTalk System Services as a valid backup when a restore procedure takes place.
local
low complexity
rockwellautomation CWE-287
5.0
2023-06-13 CVE-2023-20867 Improper Authentication vulnerability in multiple products
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.
local
high complexity
vmware debian fedoraproject CWE-287
3.9
2023-06-13 CVE-2023-30762 Improper Authentication vulnerability in Kbdevice products
Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series.
network
low complexity
kbdevice CWE-287
critical
9.8
2023-06-13 CVE-2023-29129 Improper Authentication vulnerability in Mendix Saml
A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.17.3 < V1.18.0), Mendix SAML (Mendix 7 compatible) (All versions >= V1.16.4 < V1.17.3), Mendix SAML (Mendix 8 compatible) (All versions >= V2.3.0 < V2.4.0), Mendix SAML (Mendix 8 compatible) (All versions >= V2.2.0 < V2.3.0), Mendix SAML (Mendix 9 latest compatible, New Track) (All versions >= V3.3.1 < V3.6.1), Mendix SAML (Mendix 9 latest compatible, New Track) (All versions >= V3.1.9 < V3.3.1), Mendix SAML (Mendix 9 latest compatible, Upgrade Track) (All versions >= V3.3.0 < V3.6.0), Mendix SAML (Mendix 9 latest compatible, Upgrade Track) (All versions >= V3.1.8 < V3.3.0), Mendix SAML (Mendix 9.12/9.18 compatible, New Track) (All versions >= V3.3.1 < V3.3.15), Mendix SAML (Mendix 9.12/9.18 compatible, Upgrade Track) (All versions >= V3.3.0 < V3.3.14), Mendix SAML (Mendix 9.6 compatible, New Track) (All versions >= V3.1.9 < V3.2.7), Mendix SAML (Mendix 9.6 compatible, Upgrade Track) (All versions >= V3.1.8 < V3.2.6).
network
low complexity
mendix CWE-287
critical
9.8
2023-06-12 CVE-2023-32220 Improper Authentication vulnerability in Milesight Ncr/Camera Firmware 71.8.0.6R5
Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method.
network
low complexity
milesight CWE-287
critical
9.8
2023-06-12 CVE-2023-34246 Improper Authentication vulnerability in Doorkeeper Project Doorkeeper
Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape.
network
low complexity
doorkeeper-project CWE-287
6.5