Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-19 | CVE-2021-37597 | Improper Authentication vulnerability in Wpcerber WP Cerber WP Cerber before 8.9.3 allows MFA bypass via wordpress_logged_in_[hash] manipulation. | 9.8 |
| 2021-08-18 | CVE-2021-1561 | Improper Authentication vulnerability in Cisco Secure Email and web Manager A vulnerability in the spam quarantine feature of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), could allow an authenticated, remote attacker to gain unauthorized access and modify the spam quarantine settings of another user. | 5.4 |
| 2021-08-17 | CVE-2021-3458 | Improper Authentication vulnerability in Motorola Mm1000 Firmware The Motorola MM1000 device configuration portal can be accessed without authentication, which could allow adapter settings to be modified. | 4.6 |
| 2021-08-12 | CVE-2021-36921 | Improper Authentication vulnerability in Monitorapp Application Insight Manager B107 AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 has Improper Authentication. | 8.8 |
| 2021-08-12 | CVE-2021-27794 | Improper Authentication vulnerability in Broadcom Fabric Operating System A vulnerability in the authentication mechanism of Brocade Fabric OS versions before Brocade Fabric OS v.9.0.1a, v8.2.3a and v7.4.2h could allow a user to Login with empty password, and invalid password through telnet, ssh and REST. | 7.8 |
| 2021-08-11 | CVE-2021-3046 | Improper Authentication vulnerability in Paloaltonetworks Pan-Os An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated attacker to impersonate any other user in the GlobalProtect Portal and GlobalProtect Gateway when they are configured to use SAML authentication. | 6.5 |
| 2021-08-09 | CVE-2021-21564 | Improper Authentication vulnerability in Dell Openmanage Enterprise 3.5 Dell OpenManage Enterprise versions prior to 3.6.1 contain an improper authentication vulnerability. | 9.8 |
| 2021-08-09 | CVE-2014-9320 | Improper Authentication vulnerability in SAP Businessobjects Edge 4.1 SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and consequently gain SYSTEM privileges via vectors involving CORBA calls, aka SAP Note 2039905. | 9.8 |
| 2021-08-06 | CVE-2021-20598 | Improper Authentication vulnerability in Mitsubishielectric products Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to lockout a legitimate user by continuously trying login with incorrect password. | 5.3 |
| 2021-08-06 | CVE-2021-37545 | Improper Authentication vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made. | 7.5 |