Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-30 | CVE-2021-36370 | Improper Authentication vulnerability in Midnight-Commander Midnight Commander An issue was discovered in Midnight Commander through 4.8.26. | 7.5 |
| 2021-08-30 | CVE-2021-37417 | Improper Authentication vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper parameter validation. | 9.8 |
| 2021-08-30 | CVE-2021-22025 | Improper Authentication vulnerability in VMWare products The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access. | 7.5 |
| 2021-08-30 | CVE-2021-32967 | Improper Authentication vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to add a new administrative user without being authenticated or authorized, which may allow the attacker to log in and use the device with administrative privileges. | 9.8 |
| 2021-08-24 | CVE-2021-30867 | Improper Authentication vulnerability in Apple Ipados and Iphone OS The issue was addressed with improved authentication. | 5.5 |
| 2021-08-19 | CVE-2021-37597 | Improper Authentication vulnerability in Wpcerber WP Cerber WP Cerber before 8.9.3 allows MFA bypass via wordpress_logged_in_[hash] manipulation. | 9.8 |
| 2021-08-18 | CVE-2021-1561 | Improper Authentication vulnerability in Cisco Secure Email and web Manager A vulnerability in the spam quarantine feature of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), could allow an authenticated, remote attacker to gain unauthorized access and modify the spam quarantine settings of another user. | 5.4 |
| 2021-08-17 | CVE-2021-3458 | Improper Authentication vulnerability in Motorola Mm1000 Firmware The Motorola MM1000 device configuration portal can be accessed without authentication, which could allow adapter settings to be modified. | 4.6 |
| 2021-08-12 | CVE-2021-36921 | Improper Authentication vulnerability in Monitorapp Application Insight Manager B107 AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 has Improper Authentication. | 8.8 |
| 2021-08-12 | CVE-2021-27794 | Improper Authentication vulnerability in Broadcom Fabric Operating System A vulnerability in the authentication mechanism of Brocade Fabric OS versions before Brocade Fabric OS v.9.0.1a, v8.2.3a and v7.4.2h could allow a user to Login with empty password, and invalid password through telnet, ssh and REST. | 7.8 |