Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-18 | CVE-2023-25556 | Improper Authentication vulnerability in Schneider-Electric products A CWE-287: Improper Authentication vulnerability exists that could allow a device to be compromised when a key of less than seven digits is entered and the attacker has access to the KNX installation. | 8.8 |
| 2023-04-18 | CVE-2021-40506 | Improper Authentication vulnerability in Openrisc Or1200 Firmware An issue was discovered in the ALU unit of the OR1200 (aka OpenRISC 1200) processor 2011-09-10 through 2015-11-11. | 9.8 |
| 2023-04-18 | CVE-2021-40507 | Improper Authentication vulnerability in Openrisc Or1200 Firmware An issue was discovered in the ALU unit of the OR1200 (aka OpenRISC 1200) processor 2011-09-10 through 2015-11-11. | 9.8 |
| 2023-04-17 | CVE-2023-28963 | Improper Authentication vulnerability in Juniper Junos An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to read arbitrary files from temporary folders on the device. | 5.3 |
| 2023-04-17 | CVE-2023-28973 | Improper Authentication vulnerability in Juniper Junos OS Evolved An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks Junos OS Evolved allows a local, authenticated attacker to execute administrative commands that could impact the integrity of the system or system availability. | 7.1 |
| 2023-04-17 | CVE-2023-24831 | Improper Authentication vulnerability in Apache Iotdb Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3. Attackers could login without authorization. | 9.8 |
| 2023-04-15 | CVE-2023-2027 | Improper Authentication vulnerability in ZM Ajax Login & Register Project ZM Ajax Login & Register The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.2. | 9.8 |
| 2023-04-14 | CVE-2023-25597 | Improper Authentication vulnerability in Mitel Micollab A vulnerability in the web conferencing component of Mitel MiCollab through 9.6.2.9 could allow an unauthenticated attacker to download a shared file via a crafted request - including the exact path and filename - due to improper authentication control. | 5.9 |
| 2023-04-14 | CVE-2022-45173 | Improper Authentication vulnerability in Liveboxcloud Vdesk 018 An issue was discovered in LIVEBOX Collaboration vDesk through v018. | 9.8 |
| 2023-04-14 | CVE-2022-45174 | Improper Authentication vulnerability in Liveboxcloud Vdesk 018 An issue was discovered in LIVEBOX Collaboration vDesk through v018. | 9.8 |