Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-19 | CVE-2021-26627 | Improper Authentication vulnerability in QCP Qcp200W Firmware Real-time image information exposure is caused by insufficient authentication for activated RTSP port. | 7.5 |
| 2022-04-19 | CVE-2022-1065 | Improper Authentication vulnerability in Abacus products A vulnerability within the authentication process of Abacus ERP allows a remote attacker to bypass the second authentication factor. | 8.8 |
| 2022-04-15 | CVE-2022-20695 | Improper Authentication vulnerability in Cisco products A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to bypass authentication controls and log in to the device through the management interface This vulnerability is due to the improper implementation of the password validation algorithm. | 10.0 |
| 2022-04-15 | CVE-2022-26034 | Improper Authentication vulnerability in Yokogawa B/M9000 VP and Centum VP Improper authentication vulnerability in the communication protocol provided by AD (Automation Design) server of CENTUM VP R6.01.10 to R6.09.00, CENTUM VP Small R6.01.10 to R6.09.00, CENTUM VP Basic R6.01.10 to R6.09.00, and B/M9000 VP R8.01.01 to R8.03.01 allows an attacker to use the functions provided by AD server. | 9.1 |
| 2022-04-13 | CVE-2022-22956 | Improper Authentication vulnerability in VMWare products VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. | 9.8 |
| 2022-04-11 | CVE-2021-46740 | Improper Authentication vulnerability in Huawei Emui and Harmonyos The device authentication service module has a defect vulnerability introduced in the design process.Successful exploitation of this vulnerability may affect data confidentiality. | 7.5 |
| 2022-04-11 | CVE-2022-1067 | Improper Authentication vulnerability in Lifepoint Patient Portal Navigating to a specific URL with a patient ID number will result in the server generating a PDF of a lab report without authentication and rate limiting. | 6.5 |
| 2022-04-11 | CVE-2022-25832 | Improper Authentication vulnerability in Google Android 11.0/12.0 Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to use locked Myfiles app without authentication. | 6.8 |
| 2022-04-11 | CVE-2022-25833 | Improper Authentication vulnerability in Google Android 10.0/11.0 Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission. | 3.3 |
| 2022-04-11 | CVE-2022-26091 | Improper Authentication vulnerability in Google Android 10.0/11.0/12.0 Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that physical attackers can bypass Knox Manage using a function key of hardware keyboard. | 6.8 |