Vulnerabilities > Improper Authentication
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-02 | CVE-2021-21513 | Improper Authentication vulnerability in Dell Openmanage Server Administrator Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. | 9.8 |
2021-03-01 | CVE-2021-3332 | Improper Authentication vulnerability in Wpserveur WPS Hide Login 1.6.1 WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password. | 5.3 |
2021-02-27 | CVE-2021-25281 | Improper Authentication vulnerability in multiple products An issue was discovered in through SaltStack Salt before 3002.5. | 9.8 |
2021-02-26 | CVE-2020-26200 | Improper Authentication vulnerability in Kaspersky Endpoint Security and Rescue Disk A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. | 6.8 |
2021-02-19 | CVE-2021-3339 | Improper Authentication vulnerability in Microsoft Modernflow ModernFlow before 1.3.00.208 does not constrain web-page access to members of a security group, as demonstrated by the Search Screen and the Profile Screen. | 4.3 |
2021-02-19 | CVE-2020-10254 | Improper Authentication vulnerability in Owncloud An issue was discovered in ownCloud before 10.4. | 5.9 |
2021-02-11 | CVE-2020-13185 | Improper Authentication vulnerability in Teradici Cloud Access Connector Certain web application pages in the authenticated section of the Teradici Cloud Access Connector prior to v18 were accessible without the need to specify authentication tokens, which allowed an attacker in the ability to execute sensitive functions without credentials. | 6.5 |
2021-02-09 | CVE-2021-21502 | Improper Authentication vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration" vulnerability. | 9.8 |
2021-02-09 | CVE-2020-10048 | Improper Authentication vulnerability in Siemens Simatic PCS 7 and Simatic Wincc A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions < V7.5 SP2). | 5.5 |
2021-02-08 | CVE-2021-26905 | Improper Authentication vulnerability in 1Password Scim Bridge 1Password SCIM Bridge before 1.6.2 mishandles validation of authenticated requests for log files, leading to disclosure of a TLS private key. | 6.5 |