Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-25 | CVE-2021-25368 | Improper Authentication vulnerability in Samsung Cloud Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed. | 7.5 |
| 2021-03-25 | CVE-2021-22496 | Improper Authentication vulnerability in Microfocus Access Manager Authentication Bypass Vulnerability in Micro Focus Access Manager Product, affects all version prior to version 4.5.3.3. | 7.5 |
| 2021-03-22 | CVE-2021-26070 | Improper Authentication vulnerability in Atlassian Data Center and Jira Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the `makeRequest` gadget resource. | 7.2 |
| 2021-03-18 | CVE-2021-24148 | Improper Authentication vulnerability in Inspireui Mstore API A business logic issue in the MStore API WordPress plugin, versions before 3.2.0, had an authentication bypass with Sign In With Apple allowing unauthenticated users to recover an authentication cookie with only an email address. | 9.8 |
| 2021-03-17 | CVE-2021-22860 | Improper Authentication vulnerability in EIC E-Document System 2.9/3.0.2 EIC e-document system does not perform completed identity verification for sorting and filtering personnel data. | 9.8 |
| 2021-03-13 | CVE-2021-20018 | Improper Authentication vulnerability in Sonicwall Sma100 Firmware 10.2.0.0/10.2.0.220Sv/10.2.0.5 A post-authenticated vulnerability in SonicWall SMA100 allows an attacker to export the configuration file to the specified email address. | 4.9 |
| 2021-03-11 | CVE-2021-21378 | Improper Authentication vulnerability in Envoyproxy Envoy 1.17.0 Envoy is a cloud-native high-performance edge/middle/service proxy. | 8.2 |
| 2021-03-10 | CVE-2020-35231 | Improper Authentication vulnerability in Netgear Gs116E Firmware and Jgs516Pe Firmware The NSDP protocol implementation on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was affected by an authentication issue that allows an attacker to bypass access controls and obtain full control of the device. | 8.8 |
| 2021-03-05 | CVE-2020-28050 | Improper Authentication vulnerability in Zohocorp Manageengine Desktop Central Zoho ManageEngine Desktop Central before build 10.0.647 allows a single authentication secret from multiple agents to communicate with the server. | 9.1 |
| 2021-03-05 | CVE-2020-5148 | Improper Authentication vulnerability in Sonicwall Directory Services Connector SonicWall SSO-agent default configuration uses NetAPI to probe the associated IP's in the network, this client probing method allows a potential attacker to capture the password hash of the privileged user and potentially forces the SSO Agent to authenticate allowing an attacker to bypass firewall access controls. | 8.2 |