Vulnerabilities > Improper Authentication
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-05 | CVE-2021-39226 | Improper Authentication vulnerability in multiple products Grafana is an open source data visualization platform. | 7.3 |
2021-10-05 | CVE-2021-41286 | Improper Authentication vulnerability in Omikron Multicash 4.00.008 Omikron MultiCash Desktop 4.00.008.SP5 relies on a client-side authentication mechanism. | 7.8 |
2021-10-05 | CVE-2021-39872 | Improper Authentication vulnerability in Gitlab In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab through git and API through access tokens acquired before password expiration. | 6.5 |
2021-10-04 | CVE-2021-23857 | Improper Authentication vulnerability in Bosch products Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. | 9.8 |
2021-10-04 | CVE-2021-35296 | Improper Authentication vulnerability in Ptcl Hg150-Ub Firmware 3.0 An issue in the administrator authentication panel of PTCL HG150-Ub v3.0 allows attackers to bypass authentication via modification of the cookie value and Response Path. | 9.8 |
2021-09-30 | CVE-2021-20578 | Improper Authentication vulnerability in IBM Cloud PAK for Security 1.7.0.0/1.7.1.0/1.7.2.0 IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 could allow an attacker to perform unauthorized actions due to improper or missing authentication controls. | 9.8 |
2021-09-30 | CVE-2021-24017 | Improper Authentication vulnerability in Fortinet Fortimanager An improper authentication in Fortinet FortiManager version 6.4.3 and below, 6.2.6 and below allows attacker to assign arbitrary Policy and Object modules via crafted requests to the request handler. | 4.3 |
2021-09-30 | CVE-2021-41292 | Improper Authentication vulnerability in Ecoa products ECOA BAS controller suffers from an authentication bypass vulnerability. | 9.1 |
2021-09-29 | CVE-2021-35943 | Improper Authentication vulnerability in Couchbase Server Couchbase Server 6.5.x and 6.6.x through 6.6.2 has Incorrect Access Control. | 9.8 |
2021-09-27 | CVE-2021-31606 | Improper Authentication vulnerability in Openvpn-Monitor Project Openvpn-Monitor furlongm openvpn-monitor through 1.1.3 allows Authorization Bypass to disconnect arbitrary clients. | 7.5 |