Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2020-10-26 CVE-2020-7197 Improper Authentication vulnerability in HP Storeserv Management Console 3.4/3.4.1/3.5.0
SSMC3.7.0.0 is vulnerable to remote authentication bypass.
network
low complexity
hp CWE-287
critical
9.8
2020-10-21 CVE-2020-3565 Improper Authentication vulnerability in Cisco Firepower Threat Defense
A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies (including Geolocation) and Service Polices on an affected system.
network
low complexity
cisco CWE-287
5.8
2020-10-21 CVE-2020-3410 Improper Authentication vulnerability in Cisco Secure Firewall Management Center 6.6.0/6.6.0.1
A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system.
network
high complexity
cisco CWE-287
8.1
2020-10-19 CVE-2020-24629 Improper Authentication vulnerability in HP Intelligent Management Center
A remote urlaccesscontroller authentication bypass vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
network
low complexity
hp CWE-287
critical
9.8
2020-10-16 CVE-2020-14299 Improper Authentication vulnerability in Redhat products
A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode.
network
low complexity
redhat CWE-287
6.5
2020-10-14 CVE-2020-8350 Improper Authentication vulnerability in Lenovo Thinkpad Stack Wireless Router Firmware 1.1.3.4
An authentication bypass vulnerability was reported in Lenovo ThinkPad Stack Wireless Router firmware version 1.1.3.4 that could allow escalation of privilege.
low complexity
lenovo CWE-287
8.8
2020-10-12 CVE-2020-9109 Improper Authentication vulnerability in Huawei products
There is an information disclosure vulnerability in several smartphones.
low complexity
huawei CWE-287
4.6
2020-10-12 CVE-2020-4779 Improper Authentication vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0
A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10.
network
low complexity
ibm CWE-287
8.1
2020-10-09 CVE-2020-26921 Improper Authentication vulnerability in Netgear products
Certain NETGEAR devices are affected by authentication bypass.
low complexity
netgear CWE-287
8.8
2020-10-08 CVE-2020-10816 Improper Authentication vulnerability in Zohocorp Manageengine Applications Manager 14.7
Zoho ManageEngine Applications Manager 14780 and before allows a remote unauthenticated attacker to register managed servers via AAMRequestProcessor servlet.
network
low complexity
zohocorp CWE-287
7.5