Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-05 | CVE-2021-25445 | Improper Authentication vulnerability in Samsung Internet Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet. | 5.3 |
| 2021-08-05 | CVE-2021-32579 | Improper Authentication vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API. | 7.8 |
| 2021-07-30 | CVE-2021-3636 | Improper Authentication vulnerability in Redhat Openshift It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. | 4.6 |
| 2021-07-30 | CVE-2020-16839 | Improper Authentication vulnerability in Crestron products On Crestron DM-NVX-DIR, DM-NVX-DIR80, and DM-NVX-ENT devices before the DM-XIO/1-0-3-802 patch, the password can be changed by sending an unauthenticated WebSocket request. | 7.5 |
| 2021-07-29 | CVE-2021-21538 | Improper Authentication vulnerability in Dell Idrac9 Firmware 4.40.00.00 Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vulnerability. | 10.0 |
| 2021-07-21 | CVE-2020-21932 | Improper Authentication vulnerability in Motorola CX2 Firmware 1.0.2 A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to bypass login and obtain a partially authorized token and uid. | 5.3 |
| 2021-07-19 | CVE-2021-34675 | Improper Authentication vulnerability in Basixonline Nex-Forms Basix NEX-Forms through 7.8.7 allows authentication bypass for stored PDF reports. | 7.5 |
| 2021-07-19 | CVE-2021-34676 | Improper Authentication vulnerability in Basixonline Nex-Forms Basix NEX-Forms through 7.8.7 allows authentication bypass for Excel report generation. | 7.5 |
| 2021-07-19 | CVE-2021-35964 | Improper Authentication vulnerability in Learningdigital Orca HCM The management page of the Orca HCM digital learning platform does not perform identity verification, which allows remote attackers to execute the management function without logging in, access members’ information, modify and delete the courses in system, thus causing users fail to access the learning content. | 9.8 |
| 2021-07-16 | CVE-2020-4821 | Improper Authentication vulnerability in IBM products IBM InfoSphere Data Replication 11.4 and IBM InfoSphere Change Data Capture for z/OS 10.2.1, under certain configurations, could allow a user to bypass authentication mechanisms using an empty password string. | 9.8 |