Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2020-10-21 CVE-2020-3410 Improper Authentication vulnerability in Cisco Secure Firewall Management Center 6.6.0/6.6.0.1
A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system.
network
high complexity
cisco CWE-287
8.1
2020-10-19 CVE-2020-24629 Improper Authentication vulnerability in HP Intelligent Management Center
A remote urlaccesscontroller authentication bypass vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-287
critical
9.8
2020-10-16 CVE-2020-14299 Improper Authentication vulnerability in Redhat products
A flaw was found in JBoss EAP, where the authentication configuration is set up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode.
network
low complexity
redhat CWE-287
6.5
2020-10-14 CVE-2020-8350 Improper Authentication vulnerability in Lenovo Thinkpad Stack Wireless Router Firmware 1.1.3.4
An authentication bypass vulnerability was reported in Lenovo ThinkPad Stack Wireless Router firmware version 1.1.3.4 that could allow escalation of privilege.
low complexity
lenovo CWE-287
8.8
2020-10-12 CVE-2020-9109 Improper Authentication vulnerability in Huawei products
There is an information disclosure vulnerability in several smartphones.
low complexity
huawei CWE-287
4.6
2020-10-12 CVE-2020-4779 Improper Authentication vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0
An HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10.
network
low complexity
ibm CWE-287
8.1
2020-10-09 CVE-2020-26921 Improper Authentication vulnerability in Netgear products
Certain NETGEAR devices are affected by authentication bypass.
low complexity
netgear CWE-287
8.8
2020-10-08 CVE-2020-10816 Improper Authentication vulnerability in Zohocorp Manageengine Applications Manager 14.7
Zoho ManageEngine Applications Manager 14780 and before allows a remote unauthenticated attacker to register managed servers via AAMRequestProcessor servlet.
network
low complexity
zohocorp CWE-287
7.5
2020-10-07 CVE-2020-25867 Improper Authentication vulnerability in Soplanning
SoPlanning before 1.47 doesn't correctly check the security key used to publicly share plannings.
network
low complexity
soplanning CWE-287
5.3
2020-10-02 CVE-2020-12126 Improper Authentication vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403
Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to leak router settings, change configuration variables, and cause denial of service via an unauthenticated endpoint.
network
low complexity
wavlink CWE-287
critical
9.8