Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-30 | CVE-2023-24830 | Improper Authentication vulnerability in Apache Iotdb Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects iotdb-web-workbench component: from 0.13.0 before 0.13.3. | 7.5 |
| 2023-01-27 | CVE-2022-48066 | Improper Authentication vulnerability in Totolink A830R Firmware 4.1.2Cu.5182 An issue in the component global.so of Totolink A830R V4.1.2cu.5182 allows attackers to bypass authentication via a crafted cookie. | 9.8 |
| 2023-01-26 | CVE-2023-20924 | Improper Authentication vulnerability in Google Android In (TBD) of (TBD), there is a possible way to bypass the lockscreen due to Biometric Auth Failure. | 6.8 |
| 2023-01-26 | CVE-2023-23612 | Improper Authentication vulnerability in Amazon Opensearch OpenSearch is an open source distributed and RESTful search engine. | 8.8 |
| 2023-01-23 | CVE-2021-43444 | Improper Authentication vulnerability in Onlyoffice Server 7.0.0.49 ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. | 7.5 |
| 2023-01-23 | CVE-2021-43445 | Improper Authentication vulnerability in Onlyoffice Server 7.0.0.49 ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. | 9.8 |
| 2023-01-20 | CVE-2020-22657 | Improper Authentication vulnerability in Ruckuswireless products In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtual SmartZone (vSZ) before 3.6.2.0.795, ZoneDirector 1100 9.10.2.0.130, ZoneDirector 1200 10.2.1.0.218, ZoneDirector 3000 10.2.1.0.218, ZoneDirector 5000 10.0.1.0.151, a vulnerability allows attackers to perform WEB GUI login authentication bypass. | 9.1 |
| 2023-01-20 | CVE-2023-22964 | Improper Authentication vulnerability in Zohocorp Manageengine Servicedesk Plus MSP 10.6/13.0 Zoho ManageEngine ServiceDesk Plus MSP before 10611, and 13x before 13004, is vulnerable to authentication bypass when LDAP authentication is enabled. | 9.1 |
| 2023-01-20 | CVE-2023-22334 | Improper Authentication vulnerability in Contec Conprosys HMI System Use of password hash instead of password for authentication vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier allows a remote authenticated attacker to obtain user credentials information via a man-in-the-middle attack. | 5.3 |
| 2023-01-18 | CVE-2021-4314 | Improper Authentication vulnerability in Linuxfoundation Zowe API Mediation Layer 1.16/1.19 It is possible to manipulate the JWT token without the knowledge of the JWT secret and authenticate without valid JWT token as any user. | 5.3 |