Vulnerabilities > Improper Authentication

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2020-08-26 | CVE-2020-3151 | Improper Authentication vulnerability in Cisco Connected Mobile Experiences 10.6.0/10.6.1/10.6.2 | A vulnerability in the CLI of Cisco Connected Mobile Experiences (CMX) could allow an authenticated, local attacker with administrative credentials to bypass restrictions on the CLI. | local | low | cisco | CWE-287 | 6.7 |
| 2020-08-26 | CVE-2020-16251 | Improper Authentication vulnerability in Hashicorp Vault | HashiCorp Vault and Vault Enterprise versions 0.8.3 and newer, when configured with the GCP GCE auth method, may be vulnerable to authentication bypass. | network | low | hashicorp | CWE-287 | 8.2 |
| 2020-08-24 | CVE-2020-24612 | Improper Authentication vulnerability in Fedoraproject Selinux-Policy 20200824/3.14 | An issue was discovered in the selinux-policy (aka Reference Policy) package 3.14 through 2020-08-24 because the .config/Yubico directory is mishandled. | local | high | fedoraproject | CWE-287 | 4.7 |
| 2020-08-24 | CVE-2020-19888 | Improper Authentication vulnerability in Dbhcms Project Dbhcms 1.2.0 | DBHcms v1.2.0 has an unauthorized operation vulnerability because there's no access control at line 175 of dbhcms\page.php for empty cache operation. | network | high | dbhcms-project | CWE-287 | 5.9 |
| 2020-08-21 | CVE-2020-10123 | Improper Authentication vulnerability in NCR Aptra XFS 04.02.01/05.01.00 | The currency dispenser of NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier does not adequately authenticate session key generation requests from the host computer, allowing an attacker with physical access to internal ATM components to issue valid commands to dispense currency by generating a new session key that the attacker knows. | | low | ncr | CWE-287 | 5.3 |
| 2020-08-21 | CVE-2020-16239 | Improper Authentication vulnerability in Philips Suresigns VS4 Firmware A.07.107 | Philips SureSigns VS4, A.07.107 and prior. | network | low | philips | CWE-287 | 4.9 |
| 2020-08-20 | CVE-2020-15149 | Improper Authentication vulnerability in Nodebb | NodeBB before version 1.14.3 has a bug introduced in version 1.12.2 in the validation logic that makes it possible to change the password of any user on a running NodeBB forum by sending a specially crafted socket.io call to the server. | network | low | nodebb | CWE-287 | 9.9 (critical) |
| 2020-08-17 | CVE-2020-3411 | Improper Authentication vulnerability in Cisco DNA Center | A vulnerability in Cisco DNA Center software could allow an unauthenticated remote attacker access to sensitive information on an affected system. | network | low | cisco | CWE-287 | 7.5 |
| 2020-08-17 | CVE-2020-9233 | Improper Authentication vulnerability in Huawei Fusioncompute 8.0.0 | FusionCompute 8.0.0 has an insufficient authentication vulnerability. | network | low | huawei | CWE-287 | 9.1 (critical) |
| 2020-08-14 | CVE-2020-4662 | Improper Authentication vulnerability in IBM Event Streams 10.0.0 | IBM Event Streams 10.0.0 could allow an authenticated user to perform tasks to a schema due to improper authentication validation. | network | low | ibm | CWE-287 | 8.8 |