Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-16 | CVE-2022-32971 | Improper Authentication vulnerability in Intel System Usage Report Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow a privileged user to potentially enable escalation of privilege via network access. | 7.2 |
| 2023-02-16 | CVE-2022-33946 | Improper Authentication vulnerability in Intel System Usage Report Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-02-16 | CVE-2022-32570 | Improper Authentication vulnerability in Intel Quartus Prime Improper authentication in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-02-15 | CVE-2023-23460 | Improper Authentication vulnerability in Priority-Software Priority 19.1.0.68 Priority Web version 19.1.0.68, parameter manipulation on an unspecified end-point may allow authentication bypass. | 9.8 |
| 2023-02-13 | CVE-2022-45724 | Improper Authentication vulnerability in Comfast Cf-Wr610N Firmware 2.3.1 Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSION_ID, and using this SESSION_ID an attacker can then perform authenticated requests. | 5.4 |
| 2023-02-09 | CVE-2023-21425 | Improper Authentication vulnerability in Samsung Android 10.0/11.0 Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information. | 5.5 |
| 2023-02-09 | CVE-2023-21437 | Improper Authentication vulnerability in Samsung Android 10.0/11.0 Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast. | 5.5 |
| 2023-02-09 | CVE-2022-48294 | Improper Authentication vulnerability in Huawei Emui and Harmonyos The IHwAttestationService interface has a defect in authentication. | 7.5 |
| 2023-02-01 | CVE-2023-22501 | Improper Authentication vulnerability in Atlassian Jira Service Management An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances_._ With write access to a User Directory and outgoing email enabled on a Jira Service Management instance, an attacker could gain access to signup tokens sent to users with accounts that have never been logged into. | 9.1 |
| 2023-01-31 | CVE-2020-20402 | Improper Authentication vulnerability in Portfoliocms Project Portfoliocms 1.0.5 Westbrookadmin portfolioCMS v1.05 allows attackers to bypass password validation and access sensitive information via session fixation. | 7.5 |