Total
136 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-22495 | 1 Maif | 1 Izanami | 2023-11-07 | N/A | 9.8 CRITICAL |
| Izanami is a shared configuration service well-suited for micro-service architecture implementation. Attackers can bypass the authentication in this application when deployed using the official Docker image. Because a hard coded secret is used to sign the authentication token (JWT), an attacker could compromise another instance of Izanami. This issue has been patched in version 1.11.0. | |||||
| CVE-2023-20003 | 1 Cisco | 16 Business 140ac Access Point, Business 140ac Access Point Firmware, Business 141acm and 13 more | 2023-11-07 | N/A | 8.8 HIGH |
| A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. This vulnerability is due to a logic error with the social login implementation. An attacker could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the Guest Portal without authentication. | |||||
| CVE-2022-23722 | 1 Pingidentity | 1 Pingfederate | 2023-11-07 | 3.5 LOW | 6.5 MEDIUM |
| When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user’s password. | |||||
| CVE-2021-28131 | 1 Apache | 1 Impala | 2023-11-07 | 6.0 MEDIUM | 7.5 HIGH |
| Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another user. However, these secrets appear in the Impala logs, therefore Impala users with access to the logs can use another authenticated user's sessions with specially constructed requests. This means the attacker is able to execute statements for which they don't have the necessary privileges otherwise. Impala deployments with Apache Sentry or Apache Ranger authorization enabled may be vulnerable to privilege escalation if an authenticated attacker is able to hijack a session or query from another authenticated user with privileges not assigned to the attacker. Impala deployments with audit logging enabled may be vulnerable to incorrect audit logging as a user could undertake actions that were logged under the name of a different authenticated user. Constructing an attack requires a high degree of technical sophistication and access to the Impala system as an authenticated user. Mitigation: If an Impala deployment uses Apache Sentry, Apache Ranger or audit logging, then users should upgrade to a version of Impala with the fix for IMPALA-10600. The Impala 4.0 release includes this fix. This hides session secrets from the logs to eliminate the risk of any attack using this mechanism. In lieu of an upgrade, restricting access to logs that expose secrets will reduce the risk of an attack. Restricting access to the Impala deployment to trusted users will also reduce the risk of an attack. Log redaction techniques can be used to redact secrets from the logs. | |||||
| CVE-2020-4050 | 3 Debian, Fedoraproject, Wordpress | 3 Debian Linux, Fedora, Wordpress | 2023-11-07 | 6.0 MEDIUM | 3.1 LOW |
| In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fields to be saved. It does require an admin to install a plugin that would misuse the filter. Once installed, it can be leveraged by low privileged users. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34). | |||||
| CVE-2019-9510 | 1 Microsoft | 2 Windows 10, Windows Server 2019 | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability in Microsoft Windows 10 1803 and Windows Server 2019 and later systems can allow authenticated RDP-connected clients to gain access to user sessions without needing to interact with the Windows lock screen. Should a network anomaly trigger a temporary RDP disconnect, Automatic Reconnection of the RDP session will be restored to an unlocked state, regardless of how the remote system was left. By interrupting network connectivity of a system, an attacker with access to a system being used as a Windows RDP client can gain access to a connected remote system, regardless of whether or not the remote system was locked. This issue affects Microsoft Windows 10, version 1803 and later, and Microsoft Windows Server 2019, version 2019 and later. | |||||
| CVE-2018-5386 | 1 Navarino | 1 Infinity | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Some Navarino Infinity functions, up to version 2.2, placed in the URL can bypass any authentication mechanism leading to an information leak. | |||||
| CVE-2023-39231 | 1 Pingidentity | 1 Pingone Mfa Integration Kit | 2023-10-31 | N/A | 6.5 MEDIUM |
| PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring second factor authentication from an existing registered device. A threat actor may be able to exploit this vulnerability to register their own MFA device if they have knowledge of a victim user's first factor credentials. | |||||
| CVE-2023-39930 | 1 Pingidentity | 1 Pingid Radius Pcv | 2023-10-31 | N/A | 9.8 CRITICAL |
| A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request. | |||||
| CVE-2023-43045 | 1 Ibm | 1 Sterling Partner Engagement Manager | 2023-10-28 | N/A | 7.5 HIGH |
| IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to perform unauthorized actions due to improper authentication. IBM X-Force ID: 266896. | |||||
| CVE-2022-27510 | 1 Citrix | 3 Application Delivery Controller, Application Delivery Controller Firmware, Gateway | 2023-10-18 | N/A | 9.8 CRITICAL |
| Unauthorized access to Gateway user capabilities | |||||
| CVE-2023-4957 | 1 Zebra | 2 Zt410, Zt410 Firmware | 2023-10-16 | N/A | 4.3 MEDIUM |
| A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the setvarsResults.cgi file. For this vulnerability to be exploitable, the printers protected mode must be disabled. | |||||
| CVE-2023-42793 | 1 Jetbrains | 1 Teamcity | 2023-10-03 | N/A | 9.8 CRITICAL |
| In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | |||||
| CVE-2022-2031 | 1 Samba | 1 Samba | 2023-09-17 | N/A | 8.8 HIGH |
| A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit this flaw to obtain and use tickets to other services. | |||||
| CVE-2023-41256 | 1 Doverfuelingsolutions | 2 Maglink Lx 3, Maglink Lx Web Console Configuration | 2023-09-15 | N/A | 9.1 CRITICAL |
| Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 are vulnerable to authentication bypass that could allow an unauthorized attacker to obtain user access. | |||||
| CVE-2022-23725 | 1 Pingidentity | 1 Pingid Integration For Windows Login | 2023-07-13 | 2.1 LOW | 5.5 MEDIUM |
| PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances. | |||||
| CVE-2022-23719 | 1 Pingidentity | 1 Pingid Integration For Windows Login | 2023-07-03 | 6.9 MEDIUM | 6.4 MEDIUM |
| PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests. An attacker with the ability to execute code on the target machine maybe able to exploit and spoof the local Java service using multiple attack vectors. A successful attack can lead to code executed as SYSTEM by the PingID Windows Login application, or even a denial of service for offline security key authentication. | |||||
| CVE-2022-23724 | 1 Pingidentity | 1 Pingid Integration For Windows Login | 2023-06-27 | 5.5 MEDIUM | 8.1 HIGH |
| Use of static encryption key material allows forging an authentication token to other users within a tenant organization. MFA may be bypassed by redirecting an authentication flow to a target user. To exploit the vulnerability, must have compromised user credentials. | |||||
| CVE-2021-26634 | 2 Linux, Maxb | 2 Linux Kernel, Maxboard | 2023-06-26 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection and file upload attacks are possible due to insufficient validation of input values in some parameters and variables of files compromising Maxboard, which may lead to arbitrary code execution or privilege escalation. Attackers can use these vulnerabilities to perform attacks such as stealing server management rights using a web shell. | |||||
| CVE-2021-35530 | 1 Hitachienergy | 2 Txpert Hub Coretec 4, Txpert Hub Coretec 4 Firmware | 2023-06-26 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's TXpert Hub CoreTec 4, that depends on a token validation of the session identifier, allows an unauthorized modified message to be executed in the server enabling an unauthorized actor to change an existing user password, and further gain authorized access into the system via login mechanism. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0 2.1.0; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1. | |||||