Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-23 | CVE-2023-27388 | Improper Authentication vulnerability in multiple products Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. | 9.8 |
| 2023-05-22 | CVE-2023-2586 | Improper Authentication vulnerability in Teltonika Remote Management System 4.14.0 Teltonika’s Remote Management System versions 4.14.0 is vulnerable to an unauthorized attacker registering previously unregistered devices through the RMS platform. | 9.8 |
| 2023-05-22 | CVE-2023-32347 | Improper Authentication vulnerability in Teltonika Remote Management System Teltonika’s Remote Management System versions prior to 4.10.0 use device serial numbers and MAC addresses to identify devices from the user perspective for device claiming and from the device perspective for authentication. | 9.8 |
| 2023-05-18 | CVE-2023-2024 | Improper Authentication vulnerability in Johnsoncontrols Openblue Enterprise Manager Data Collector Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances. | 7.5 |
| 2023-05-17 | CVE-2023-0863 | Improper Authentication vulnerability in ABB products Improper Authentication vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5. | 8.8 |
| 2023-05-17 | CVE-2023-2706 | Improper Authentication vulnerability in Xootix OTP Login Woocommerce & Gravity Forms The OTP Login Woocommerce & Gravity Forms plugin for WordPress is vulnerable to authentication bypass. | 8.1 |
| 2023-05-16 | CVE-2023-2499 | Improper Authentication vulnerability in Metagauss Registrationmagic The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.2.1.0. | 9.8 |
| 2023-05-15 | CVE-2023-23450 | Improper Authentication vulnerability in Sick products Use of Password Hash Instead of Password for Authentication in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to use a password hash instead of an actual password to login to a valid user account via the REST interface. | 9.8 |
| 2023-05-12 | CVE-2023-27823 | Improper Authentication vulnerability in Optoma 1080Pstx C02 An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration console without valid credentials. | 9.8 |
| 2023-05-12 | CVE-2023-32081 | Improper Authentication vulnerability in Eclipse Vert.X Stomp Vert.x STOMP is a vert.x implementation of the STOMP specification that provides a STOMP server and client. | 6.5 |