Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2022-06-15 CVE-2022-20798 Improper Authentication vulnerability in Cisco products
A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device.
network
low complexity
cisco CWE-287
critical
9.8
2022-06-14 CVE-2021-35094 Improper Authentication vulnerability in Qualcomm products
Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-287
7.8
2022-06-14 CVE-2022-30229 Improper Authentication vulnerability in Siemens Sicam Gridedge Essential
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6).
network
low complexity
siemens CWE-287
5.3
2022-06-13 CVE-2022-22259 Improper Authentication vulnerability in Huawei Flmg-10 Firmware 10.0.1.0(H100Sp22C00)
There is an improper authentication vulnerability in FLMG-10 10.0.1.0(H100SP22C00).
low complexity
huawei CWE-287
6.8
2022-06-07 CVE-2022-30749 Improper Authentication vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12
Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity.
local
low complexity
samsung CWE-287
7.8
2022-06-07 CVE-2020-36528 Improper Authentication vulnerability in Platinumchina Platinum Mobile 1.0.4.850
A vulnerability, which was classified as critical, was found in Platinum Mobile 1.0.4.850.
network
low complexity
platinumchina CWE-287
6.5
2022-06-07 CVE-2020-36533 Improper Authentication vulnerability in Klapp APP
A vulnerability was found in Klapp App and classified as problematic.
network
low complexity
klapp CWE-287
critical
9.8
2022-06-02 CVE-2022-31463 Improper Authentication vulnerability in Owllabs Meeting OWL PRO Firmware 5.2.0.15
Owl Labs Meeting Owl 5.2.0.15 does not require a password for Bluetooth commands, because only client-side authentication is used.
low complexity
owllabs CWE-287
7.1
2022-06-02 CVE-2022-26975 Improper Authentication vulnerability in Barco Control Room Management Suite
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing log files without authentication.
network
low complexity
barco CWE-287
7.5
2022-06-02 CVE-2022-30034 Improper Authentication vulnerability in Flower Project Flower
Flower, a web UI for the Celery Python RPC framework, all versions as of 05-02-2022 is vulnerable to an OAuth authentication bypass.
network
low complexity
flower-project CWE-287
8.6