Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-05 | CVE-2022-43557 | Improper Authentication vulnerability in BD products The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. | 5.3 |
| 2022-12-05 | CVE-2022-43504 | Improper Authentication vulnerability in Wordpress Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. | 5.3 |
| 2022-12-04 | CVE-2022-46411 | Improper Authentication vulnerability in Veritas Access Appliance and Netbackup Flex Scale Appliance An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. | 8.8 |
| 2022-12-01 | CVE-2022-43900 | Improper Authentication vulnerability in IBM Websphere Automation for IBM Cloud PAK for Watson Aiops 1.4.2 IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.2 could provide a weaker than expected security. | 6.5 |
| 2022-11-28 | CVE-2021-45036 | Improper Authentication vulnerability in Velneo Vclient 28.1.3 Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's username and hashed password to spoof the victim's id against the server. | 7.4 |
| 2022-11-23 | CVE-2022-37774 | Improper Authentication vulnerability in Maarch RM There is a broken access control vulnerability in the Maarch RM 2.8.3 solution. | 5.3 |
| 2022-11-22 | CVE-2022-37931 | Improper Authentication vulnerability in HP Nonstop Netbatch-Plus T9189H01/T9189L01 A vulnerability in NetBatch-Plus software allows unauthorized access to the application. HPE has provided a workaround and fix. | 7.8 |
| 2022-11-15 | CVE-2022-20918 | Improper Authentication vulnerability in Cisco products A vulnerability in the Simple Network Management Protocol (SNMP) access controls for Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module, Cisco Firepower Management Center (FMC) Software, and Cisco Next-Generation Intrusion Prevention System (NGIPS) Software could allow an unauthenticated, remote attacker to perform an SNMP GET request using a default credential. This vulnerability is due to the presence of a default credential for SNMP version 1 (SNMPv1) and SNMP version 2 (SNMPv2). | 7.5 |
| 2022-11-15 | CVE-2022-25667 | Improper Authentication vulnerability in Qualcomm products Information disclosure in kernel due to improper handling of ICMP requests in Snapdragon Wired Infrastructure and Networking | 7.5 |
| 2022-11-11 | CVE-2022-34331 | Improper Authentication vulnerability in IBM Powervm Hypervisor Fw1010/Fw950 After performing a sequence of Power FW950, FW1010 maintenance operations a SRIOV network adapter can be improperly configured leading to desired VEPA configuration being disabled. | 9.8 |