Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-08 | CVE-2021-1472 | Improper Authentication vulnerability in Cisco products Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. | 9.8 |
| 2021-04-06 | CVE-2021-30158 | Improper Authentication vulnerability in multiple products An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. | 5.3 |
| 2021-04-05 | CVE-2021-24175 | Improper Authentication vulnerability in Posimyth the Plus Addons for Elementor The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.7 was being actively exploited to by malicious actors to bypass authentication, allowing unauthenticated users to log in as any user (including admin) by just providing the related username, as well as create accounts with arbitrary roles, such as admin. | 9.8 |
| 2021-04-02 | CVE-2019-20464 | Improper Authentication vulnerability in Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 Firmware An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. | 7.5 |
| 2021-04-02 | CVE-2021-29012 | Improper Authentication vulnerability in Dmasoftlab DMA Radius Manager 4.4.0 DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. | 9.8 |
| 2021-04-01 | CVE-2021-23923 | Improper Authentication vulnerability in Devolutions Server An issue was discovered in Devolutions Server before 2020.3. | 8.1 |
| 2021-04-01 | CVE-2021-21982 | Improper Authentication vulnerability in VMWare Carbon Black Cloud Workload 1.0/1.0.1 VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has an authentication bypass vulnerability that may allow a malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance to obtain a valid authentication token. | 9.1 |
| 2021-03-29 | CVE-2019-5317 | Improper Authentication vulnerability in multiple products A local authentication bypass vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.15 and below; Aruba Instant 8.3.x: 8.3.0.11 and below; Aruba Instant 8.4.x: 8.4.0.5 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. | 6.8 |
| 2021-03-26 | CVE-2021-21403 | Improper Authentication vulnerability in Kongchuanhujiao Project Kongchuanhujiao In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. | 9.8 |
| 2021-03-26 | CVE-2021-3153 | Improper Authentication vulnerability in Hashicorp Terraform Enterprise 2020071 HashiCorp Terraform Enterprise up to v202102-2 failed to enforce an organization-level setting that required users within an organization to have two-factor authentication enabled. | 6.5 |