Vulnerabilities > Improper Authentication
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-02 | CVE-2021-21513 | Improper Authentication vulnerability in Dell Openmanage Server Administrator Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. | 9.8 |
| 2021-03-01 | CVE-2021-27878 | Improper Authentication vulnerability in Veritas Backup Exec An issue was discovered in Veritas Backup Exec before 21.2. | 8.8 |
| 2021-03-01 | CVE-2021-27877 | Improper Authentication vulnerability in Veritas Backup Exec An issue was discovered in Veritas Backup Exec before 21.2. | 9.8 |
| 2021-03-01 | CVE-2021-27876 | Improper Authentication vulnerability in Veritas Backup Exec An issue was discovered in Veritas Backup Exec before 21.2. | 8.1 |
| 2021-03-01 | CVE-2021-3332 | Improper Authentication vulnerability in Wpserveur WPS Hide Login 1.6.1 WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password. | 5.3 |
| 2021-02-27 | CVE-2021-25281 | Improper Authentication vulnerability in multiple products An issue was discovered in through SaltStack Salt before 3002.5. | 9.8 |
| 2021-02-26 | CVE-2020-26200 | Improper Authentication vulnerability in Kaspersky Endpoint Security and Rescue Disk A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. | 6.8 |
| 2021-02-19 | CVE-2021-3339 | Improper Authentication vulnerability in Microsoft Modernflow ModernFlow before 1.3.00.208 does not constrain web-page access to members of a security group, as demonstrated by the Search Screen and the Profile Screen. | 4.3 |
| 2021-02-19 | CVE-2020-10254 | Improper Authentication vulnerability in Owncloud An issue was discovered in ownCloud before 10.4. | 5.9 |
| 2021-02-11 | CVE-2020-13185 | Improper Authentication vulnerability in Teradici Cloud Access Connector Certain web application pages in the authenticated section of the Teradici Cloud Access Connector prior to v18 were accessible without the need to specify authentication tokens, which allowed an attacker in the ability to execute sensitive functions without credentials. | 6.5 |