Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2021-04-29 CVE-2021-20092 Improper Authentication vulnerability in Buffalo products
The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor.
network
low complexity
buffalo CWE-287
7.5
2021-04-28 CVE-2021-25147 Improper Authentication vulnerability in Arubanetworks Airwave
A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1.
network
high complexity
arubanetworks CWE-287
8.1
2021-04-28 CVE-2020-21991 Improper Authentication vulnerability in AVE products
AVE DOMINAplus <=1.10.x suffers from an authentication bypass vulnerability due to a missing control check when directly calling the autologin GET parameter in the changeparams.php script.
network
low complexity
ave CWE-287
critical
9.8
2021-04-26 CVE-2021-23365 Improper Authentication vulnerability in TYK Tyk-Identity-Broker
The package github.com/tyktechnologies/tyk-identity-broker before 1.1.1 is vulnerable to Authentication Bypass via the Go XML parser, which can cause SAML authentication bypass.
network
low complexity
tyk CWE-287
critical
9.1
2021-04-22 CVE-2021-20590 Improper Authentication vulnerability in Mitsubishielectric products
Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 model GT2107-WTBD VNC server versions 01.40.000 and prior, GOT2000 series GT21 model GT2107-WTSD VNC server versions 01.40.000 and prior, GOT SIMPLE series GS21 model GS2110-WTBD-N VNC server versions 01.40.000 and prior and GOT SIMPLE series GS21 model GS2107-WTBD-N VNC server versions 01.40.000 and prior allows a remote unauthenticated attacker to gain unauthorized access via specially crafted packets when the "VNC server" function is used.
network
low complexity
mitsubishielectric CWE-287
7.5
2021-04-21 CVE-2020-28973 Improper Authentication vulnerability in Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.17
The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface.
network
low complexity
abus CWE-287
7.5
2021-04-20 CVE-2020-7856 Improper Authentication vulnerability in Cnesty Helpcom 10.0
A vulnerability in Helpcom could allow an unauthenticated attacker to execute arbitrary commands.
network
low complexity
cnesty CWE-287
critical
9.8
2021-04-16 CVE-2021-26074 Improper Authentication vulnerability in Atlassian Connect Spring Boot
Broken Authentication in Atlassian Connect Spring Boot (ACSB) from version 1.1.0 before version 2.1.3: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps.
network
low complexity
atlassian CWE-287
6.5
2021-04-16 CVE-2021-26073 Improper Authentication vulnerability in Atlassian Connect Express
Broken Authentication in Atlassian Connect Express (ACE) from version 3.0.2 before version 6.6.0: Atlassian Connect Express is a Node.js package for building Atlassian Connect apps.
network
low complexity
atlassian CWE-287
7.7
2021-04-15 CVE-2021-20288 Improper Authentication vulnerability in multiple products
An authentication flaw was found in ceph in versions before 14.2.20.
7.2