Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-23 | CVE-2022-0996 | Improper Authentication vulnerability in multiple products A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication. | 6.5 |
| 2022-03-23 | CVE-2022-0862 | Improper Authentication vulnerability in Mcafee Epolicy Orchestrator A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote attacker to change the password of a compromised session without knowing the existing user's password. | 5.3 |
| 2022-03-23 | CVE-2021-44759 | Improper Authentication vulnerability in multiple products Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an attacker to create a man in the middle attack. | 8.1 |
| 2022-03-21 | CVE-2021-46390 | Improper Authentication vulnerability in Lexar F35 Firmware 1.0.34.0 An access control issue in the authentication module of Lexar_F35 v1.0.34 allows attackers to access sensitive data and cause a Denial of Service (DoS). | 6.8 |
| 2022-03-18 | CVE-2022-0547 | Improper Authentication vulnerability in multiple products OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. | 9.8 |
| 2022-03-18 | CVE-2022-22656 | Improper Authentication vulnerability in Apple mac OS X and Macos An authentication issue was addressed with improved state management. | 3.3 |
| 2022-03-17 | CVE-2022-26504 | Improper Authentication vulnerability in Veeam Backup & Replication Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe | 8.8 |
| 2022-03-16 | CVE-2021-45786 | Improper Authentication vulnerability in Maccms 10.0 In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid" parameters to gain privileges. | 9.8 |
| 2022-03-14 | CVE-2022-24740 | Improper Authentication vulnerability in Plone Volto Volto is a ReactJS-based frontend for the Plone Content Management System. | 7.5 |
| 2022-03-13 | CVE-2021-36368 | Improper Authentication vulnerability in multiple products An issue was discovered in OpenSSH before 8.9. | 3.7 |