Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-01 | CVE-2022-43900 | Improper Authentication vulnerability in IBM Websphere Automation for IBM Cloud PAK for Watson Aiops 1.4.2 IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.2 could provide a weaker than expected security. | 6.5 |
| 2022-11-28 | CVE-2021-45036 | Improper Authentication vulnerability in Velneo Vclient 28.1.3 Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's username and hashed password to spoof the victim's id against the server. | 7.4 |
| 2022-11-23 | CVE-2022-37774 | Improper Authentication vulnerability in Maarch RM There is a broken access control vulnerability in the Maarch RM 2.8.3 solution. | 5.3 |
| 2022-11-22 | CVE-2022-37931 | Improper Authentication vulnerability in HP Nonstop Netbatch-Plus T9189H01/T9189L01 A vulnerability in NetBatch-Plus software allows unauthorized access to the application. HPE has provided a workaround and fix. | 7.8 |
| 2022-11-15 | CVE-2022-20918 | Improper Authentication vulnerability in Cisco products A vulnerability in the Simple Network Management Protocol (SNMP) access controls for Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module, Cisco Firepower Management Center (FMC) Software, and Cisco Next-Generation Intrusion Prevention System (NGIPS) Software could allow an unauthenticated, remote attacker to perform an SNMP GET request using a default credential. This vulnerability is due to the presence of a default credential for SNMP version 1 (SNMPv1) and SNMP version 2 (SNMPv2). | 7.5 |
| 2022-11-15 | CVE-2022-25667 | Improper Authentication vulnerability in Qualcomm products Information disclosure in kernel due to improper handling of ICMP requests in Snapdragon Wired Infrastructure and Networking | 7.5 |
| 2022-11-14 | CVE-2022-3477 | Improper Authentication vulnerability in multiple products The tagDiv Composer WordPress plugin before 3.5, required by the Newspaper WordPress theme before 12.1 and Newsmag WordPress theme before 5.2.2, does not properly implement the Facebook login feature, allowing unauthenticated attackers to login as any user by just knowing their email address | 9.8 |
| 2022-11-11 | CVE-2022-34331 | Improper Authentication vulnerability in IBM Powervm Hypervisor Fw1010/Fw950 After performing a sequence of Power FW950, FW1010 maintenance operations a SRIOV network adapter can be improperly configured leading to desired VEPA configuration being disabled. | 9.8 |
| 2022-11-11 | CVE-2021-33159 | Improper Authentication vulnerability in Intel Active Management Technology Firmware Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
| 2022-11-11 | CVE-2022-21794 | Improper Authentication vulnerability in Intel products Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |