Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-06 | CVE-2021-20598 | Improper Authentication vulnerability in Mitsubishielectric products Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to lockout a legitimate user by continuously trying login with incorrect password. | 5.3 |
| 2021-08-06 | CVE-2021-37545 | Improper Authentication vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made. | 7.5 |
| 2021-08-05 | CVE-2021-25445 | Improper Authentication vulnerability in Samsung Internet Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet. | 5.3 |
| 2021-08-05 | CVE-2021-32579 | Improper Authentication vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API. | 7.8 |
| 2021-07-30 | CVE-2021-3636 | Improper Authentication vulnerability in Redhat Openshift It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. | 4.6 |
| 2021-07-30 | CVE-2020-16839 | Improper Authentication vulnerability in Crestron products On Crestron DM-NVX-DIR, DM-NVX-DIR80, and DM-NVX-ENT devices before the DM-XIO/1-0-3-802 patch, the password can be changed by sending an unauthenticated WebSocket request. | 7.5 |
| 2021-07-29 | CVE-2021-21538 | Improper Authentication vulnerability in Dell Idrac9 Firmware 4.40.00.00 Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vulnerability. | 10.0 |
| 2021-07-21 | CVE-2020-21932 | Improper Authentication vulnerability in Motorola CX2 Firmware 1.0.2 A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to bypass login and obtain a partially authorized token and uid. | 5.3 |
| 2021-07-19 | CVE-2021-34675 | Improper Authentication vulnerability in Basixonline Nex-Forms Basix NEX-Forms through 7.8.7 allows authentication bypass for stored PDF reports. | 7.5 |
| 2021-07-19 | CVE-2021-34676 | Improper Authentication vulnerability in Basixonline Nex-Forms Basix NEX-Forms through 7.8.7 allows authentication bypass for Excel report generation. | 7.5 |