Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-13 | CVE-2024-7593 | Improper Authentication vulnerability in Ivanti Virtual Traffic Management Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel. | 9.8 |
| 2024-08-13 | CVE-2024-7746 | Improper Authentication vulnerability in Traccar Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by the Traccar solution that should otherwise be protected by the authentication mechanism. These transactions could have an impact on any sensitive aspect of the platform, including Confidentiality, Integrity and Availability. | 9.8 |
| 2024-08-08 | CVE-2024-4784 | Improper Authentication vulnerability in Gitlab An issue was discovered in GitLab EE starting from version 16.7 before 17.0.6, version 17.1 before 17.1.4 and 17.2 before 17.2.2 that allowed bypassing the password re-entry requirement to approve a policy. | 5.4 |
| 2024-08-07 | CVE-2024-34788 | Improper Authentication vulnerability in Ivanti Endpoint Manager Mobile An improper authentication vulnerability in web component of EPMM prior to 12.1.0.1 allows a remote malicious user to access potentially sensitive information | 6.5 |
| 2024-08-07 | CVE-2024-36130 | Improper Authentication vulnerability in Ivanti Endpoint Manager Mobile An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary commands on the underlying operating system of the appliance. | 9.8 |
| 2024-08-07 | CVE-2024-36132 | Improper Authentication vulnerability in Ivanti Endpoint Manager Mobile Insufficient verification of authentication controls in EPMM prior to 12.1.0.1 allows a remote attacker to bypass authentication and access sensitive resources. | 7.5 |
| 2024-07-31 | CVE-2019-6197 | Improper Authentication vulnerability in Lenovo Pcmanager 2.6.40.3154 A vulnerability was reported in Lenovo PC Manager prior to version 2.8.90.11211 that could allow a local attacker to escalate privileges. | 7.8 |
| 2024-07-31 | CVE-2019-6198 | Improper Authentication vulnerability in Lenovo Pcmanager 2.6.40.3154 A vulnerability was reported in Lenovo PC Manager prior to version 2.8.90.11211 that could allow a local attacker to escalate privileges. | 7.8 |
| 2024-07-25 | CVE-2024-41800 | Improper Authentication vulnerability in Craftcms Craft CMS Craft is a content management system (CMS). | 7.5 |
| 2024-07-24 | CVE-2023-45249 | Improper Authentication vulnerability in Acronis Cyber Infrastructure Remote command execution due to use of default passwords. | 9.8 |