Search
Total
634 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-3531 | 1 Cisco | 1 Iot Field Network Director | 2020-12-02 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to access the back-end database of an affected system. The vulnerability exists because the affected software does not properly authenticate REST API calls. An attacker could exploit this vulnerability by obtaining a cross-site request forgery (CSRF) token and then using the token with REST API requests. A successful exploit could allow the attacker to access the back-end database of the affected device and read, alter, or drop information. | |||||
| CVE-2020-3392 | 1 Cisco | 1 Iot Field Network Director | 2020-12-01 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive information on an affected system. The vulnerability exists because the affected software does not properly authenticate API calls. An attacker could exploit this vulnerability by sending API requests to an affected system. A successful exploit could allow the attacker to view sensitive information on the affected system, including information about the devices that the system manages, without authentication. | |||||
| CVE-2020-20627 | 1 Impress | 1 Givewp | 2020-10-26 | 5.0 MEDIUM | 5.3 MEDIUM |
| The includes/gateways/stripe/includes/admin/admin-actions.php in GiveWP plugin through 2.5.9 for WordPress allows unauthenticated settings change. | |||||
| CVE-2020-10282 | 1 Dronecode | 1 Micro Air Vehicle Link | 2020-10-23 | 7.5 HIGH | 9.8 CRITICAL |
| The Micro Air Vehicle Link (MAVLink) protocol presents no authentication mechanism on its version 1.0 (nor authorization) whichs leads to a variety of attacks including identity spoofing, unauthorized access, PITM attacks and more. According to literature, version 2.0 optionally allows for package signing which mitigates this flaw. Another source mentions that MAVLink 2.0 only provides a simple authentication system based on HMAC. This implies that the flying system overall should add the same symmetric key into all devices of network. If not the case, this may cause a security issue, that if one of the devices and its symmetric key are compromised, the whole authentication system is not reliable. | |||||
| CVE-2020-7369 | 1 Yandex | 1 Yandex Browser | 2020-10-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Yandex Browser version 20.8.3 and prior versions, and was fixed in version 20.8.4 released October 1, 2020. | |||||
| CVE-2020-7370 | 1 Boltbrowser | 1 Bolt Browser | 2020-10-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of Danyil Vasilenko's Bolt Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Bolt Browser version 1.4 and prior versions. | |||||
| CVE-2020-3598 | 1 Cisco | 1 Vision Dynamic Signage Director | 2020-10-20 | 6.4 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to access confidential information or make configuration changes. The vulnerability is due to missing authentication for a specific section of the web-based management interface. An attacker could exploit this vulnerability by accessing a crafted URL. A successful exploit could allow the attacker to obtain access to a section of the interface, which they could use to read confidential information or make configuration changes. | |||||
| CVE-2020-26567 | 1 D-link | 2 Dsr-250n, Dsr-250n Firmware | 2020-10-19 | 4.9 MEDIUM | 5.5 MEDIUM |
| An issue was discovered on D-Link DSR-250N before 3.17B devices. The CGI script upgradeStatusReboot.cgi can be accessed without authentication. Any access reboots the device, rendering it therefore unusable for several minutes. | |||||
| CVE-2019-1897 | 1 Cisco | 6 Rv110w, Rv110w Firmware, Rv130w and 3 more | 2020-10-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to disconnect clients that are connected to the guest network on an affected router. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing the URL for device disconnection and providing the connected device information. A successful exploit could allow the attacker to deny service to specific clients that are connected to the guest network. | |||||
| CVE-2019-5643 | 1 Gatech | 1 Computing For Good\'s Basic Laboratory Information System | 2020-10-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may enumerate the user names and facility names in use on a particular installation. | |||||
| CVE-2019-15068 | 1 Gigastone | 2 Smart Battery A4, Smart Battery A4 Firmware | 2020-10-16 | 10.0 HIGH | 9.8 CRITICAL |
| A broken access control vulnerability in Smart Battery A4, a multifunctional portable charger, firmware version ?<= r1.7.9 allows an attacker to get/reset administrator’s password without any authentication. | |||||
| CVE-2019-1654 | 1 Cisco | 6 Aironet 1540, Aironet 1560, Aironet 1800 and 3 more | 2020-10-16 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series Access Points (APs) running the Cisco AP-COS operating system could allow an authenticated, local attacker to access the development shell without proper authentication, which allows for root access to the underlying Linux OS. The attacker would need valid device credentials. The vulnerability exists because the software improperly validates user-supplied input at the CLI authentication prompt for development shell access. An attacker could exploit this vulnerability by authenticating to the device and entering crafted input at the CLI. A successful exploit could allow the attacker to access the AP development shell without proper authentication, which allows for root access to the underlying Linux OS. Software versions prior to 8.3.150.0, 8.5.135.0, and 8.8.100.0 are affected. | |||||
| CVE-2019-3899 | 2 Heketi Project, Redhat | 2 Heketi, Openshift Container Platform | 2020-10-15 | 7.5 HIGH | 9.8 CRITICAL |
| It was found that default configuration of Heketi does not require any authentication potentially exposing the management interface to misuse. This isue only affects heketi as shipped with Openshift Container Platform 3.11. | |||||
| CVE-2020-19670 | 1 Niushop | 1 Niushop | 2020-10-14 | 4.0 MEDIUM | 4.9 MEDIUM |
| In Niushop B2B2C Multi-Business Basic Edition V1.11, authentication can be bypassed, causing administrators to reset any passwords. | |||||
| CVE-2019-12634 | 1 Cisco | 3 Integrated Management Controller Supervisor, Ucs Director, Ucs Director Express For Big Data | 2020-10-08 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a missing authentication check in an API call. An attacker who can send a request to an affected system could cause all currently authenticated users to be logged off. Repeated exploitation could cause the inability to maintain a session in the web-based management portal. | |||||
| CVE-2019-6538 | 1 Medtronic | 40 Amplia Crt-d, Amplia Crt-d Firmware, Carelink 2090 and 37 more | 2020-10-06 | 3.3 LOW | 6.5 MEDIUM |
| The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement authentication or authorization. An attacker with adjacent short-range access to an affected product, in situations where the product’s radio is turned on, can inject, replay, modify, and/or intercept data within the telemetry communication. This communication protocol provides the ability to read and write memory values to affected implanted cardiac devices; therefore, an attacker could exploit this communication protocol to change memory in the implanted cardiac device. | |||||
| CVE-2020-9487 | 1 Apache | 1 Nifi | 2020-10-05 | 5.0 MEDIUM | 7.5 HIGH |
| In Apache NiFi 1.0.0 to 1.11.4, the NiFi download token (one-time password) mechanism used a fixed cache size and did not authenticate a request to create a download token, only when attempting to use the token to access the content. An unauthenticated user could repeatedly request download tokens, preventing legitimate users from requesting download tokens. | |||||
| CVE-2019-15043 | 1 Grafana | 1 Grafana | 2020-10-04 | 5.0 MEDIUM | 7.5 HIGH |
| In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana. | |||||
| CVE-2019-10950 | 1 Fujifilm | 6 Cr-ir 357 Fcr Capsula X, Cr-ir 357 Fcr Capsula X Firmware, Cr-ir 357 Fcr Carbon X and 3 more | 2020-10-02 | 10.0 HIGH | 9.8 CRITICAL |
| Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X provide insecure telnet services that lack authentication requirements. An attacker who successfully exploits this vulnerability may be able to access the underlying operating system. | |||||
| CVE-2019-10915 | 1 Siemens | 2 Sinetplan, Tia Administrator | 2020-10-02 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. | |||||
| CVE-2019-10198 | 2 Redhat, Theforeman | 2 Satellite, Foreman-tasks | 2020-09-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously, commit tasks were searched through find_resource, which performed authorization checks. After the change to Foreman, an unauthenticated user can view the details of a task through the web UI or API, if they can discover or guess the UUID of the task. | |||||
| CVE-2020-3977 | 1 Vmware | 1 Horizon Daas | 2020-09-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication. Successful exploitation of this issue may allow an attacker to bypass two-factor authentication process. In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS. | |||||
| CVE-2019-16004 | 1 Cisco | 1 Vision Dynamic Signage Director | 2020-09-28 | 6.4 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerability by sending a request to one of the affected calls. A successful exploit could allow the attacker to interact with some parts of the API. | |||||
| CVE-2018-17906 | 1 Philips | 2 Intellispace Pacs, Isite Pacs | 2020-09-18 | 3.3 LOW | 8.8 HIGH |
| Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all versions. Default credentials and no authentication within third party software may allow an attacker to compromise a component of the system. | |||||
| CVE-2020-13289 | 1 Gitlab | 1 Gitlab | 2020-09-16 | 5.5 MEDIUM | 5.4 MEDIUM |
| A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. In certain cases an invalid username could be accepted when 2FA is activated. | |||||
| CVE-2020-5780 | 1 Icegram | 1 Email Subscribers \& Newsletters | 2020-09-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| Missing Authentication for Critical Function in Icegram Email Subscribers & Newsletters Plugin for WordPress prior to version 4.5.6 allows a remote, unauthenticated attacker to conduct unauthenticated email forgery/spoofing. | |||||
| CVE-2020-24363 | 1 Tp-link | 2 Tl-wa855re, Tl-wa855re Firmware | 2020-09-08 | 8.3 HIGH | 8.8 HIGH |
| TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password. | |||||
| CVE-2018-0127 | 1 Cisco | 4 Rv132w, Rv132w Firmware, Rv134w and 1 more | 2020-09-04 | 5.0 MEDIUM | 9.8 CRITICAL |
| A vulnerability in the web interface of Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to view configuration parameters for an affected device, which could lead to the disclosure of confidential information. The vulnerability is due to the absence of user authentication requirements for certain pages that are part of the web interface and contain confidential information for an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device and examining the HTTP response to the request. A successful exploit could allow the attacker to view configuration parameters, including the administrator password, for the affected device. Cisco Bug IDs: CSCvg92739, CSCvh60172. | |||||
| CVE-2020-6294 | 2 Opengroup, Sap | 2 Unix, Businessobjects Business Intelligence Platform | 2020-09-02 | 6.4 MEDIUM | 9.1 CRITICAL |
| Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on Unix does not perform any authentication checks for functionalities that require user identity. | |||||
| CVE-2020-16167 | 1 Robotemi | 1 Launcher Os | 2020-09-02 | 6.4 MEDIUM | 9.1 CRITICAL |
| Missing Authentication for Critical Function in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to receive and answer calls intended for another temi user. Answering the call this way grants motor control of the temi in addition to audio/video via unspecified vectors. | |||||
| CVE-2018-1501 | 1 Ibm | 1 Security Guardium | 2020-08-28 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Security Guardium 10.5, 10.6, and 11.0 could allow an unauthorized user to obtain sensitive information due to missing security controls. IBM X-Force ID: 141226. | |||||
| CVE-2020-9062 | 1 Dieboldnixdorf | 2 Probase, Procash 2100xe | 2020-08-27 | 2.1 LOW | 5.3 MEDIUM |
| Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30 do not encrypt, authenticate, or verify the integrity of messages between the CCDM and the host computer, allowing an attacker with physical access to internal ATM components to commit deposit forgery by intercepting and modifying messages to the host computer, such as the amount and value of currency being deposited. | |||||
| CVE-2019-12128 | 1 Onap | 1 Open Network Automation Platform | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| In ONAP SO through Dublin, by accessing an applicable port (30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271), an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager (OOM) setups are affected. | |||||
| CVE-2018-13114 | 1 Keruigroup | 2 Ypc99, Ypc99 Firmware | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Missing authentication and improper input validation in KERUI Wifi Endoscope Camera (YPC99) allow an attacker to execute arbitrary commands (with a length limit of 19 characters) via the "ssid" value, as demonstrated by ssid:;ping 192.168.1.2 in the body of a SETSSID command. | |||||
| CVE-2018-1745 | 1 Ibm | 1 Security Key Lifecycle Manager | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| IBM Security Key Lifecycle Manager 2.7 and 3.0 could allow an unauthenticated user to restart the SKLM server due to missing authentication. IBM X-Force ID: 148424. | |||||
| CVE-2018-1757 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 could allow an attacker to obtain sensitive information due to missing authentication in IGI for the survey application. IBM X-Force ID: 148601. | |||||
| CVE-2018-17880 | 1 D-link | 2 Dir-823g, Dir-823g Firmware | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 RunReboot commands without authentication to trigger a reboot. | |||||
| CVE-2019-10886 | 1 Sony | 89 Kdl-50w800c, Kdl-50w805c, Kdl-50w807c and 86 more | 2020-08-24 | 4.3 MEDIUM | 5.9 MEDIUM |
| An incorrect access control exists in the Sony Photo Sharing Plus application in the firmware before PKG6.5629 version (for the X7500D TV and other applicable TVs). This vulnerability allows an attacker to read arbitrary files without authentication over HTTP when Photo Sharing Plus application is running. This may allow an attacker to browse a particular directory (e.g. images) inside the private network. | |||||
| CVE-2019-16243 | 1 Alcatelmobile | 2 Cingular Flip 2, Cingular Flip 2 Firmware | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. (This web API is normally used by the system application to trigger firmware updates via OmaService.js.) | |||||
| CVE-2019-16199 | 1 Eq-3 | 4 Homematic Ccu2, Homematic Ccu2 Firmware, Homematic Ccu3 and 1 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process. | |||||
| CVE-2019-10946 | 1 Joomla | 1 Joomla\! | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of com_users lacks access checks, allowing calls from unauthenticated users. | |||||
| CVE-2019-11061 | 1 Asus | 2 Hg100, Hg100 Firmware | 2020-08-24 | 4.8 MEDIUM | 8.1 HIGH |
| A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). | |||||
| CVE-2019-11063 | 1 Asus | 1 Smarthome | 2020-08-24 | 8.3 HIGH | 8.8 HIGH |
| A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an attacker in the same local area network to list user accounts and control IoT devices that connect with its gateway (HG100) via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). | |||||
| CVE-2019-15932 | 1 Intesync | 1 Solismed | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Intesync Solismed 3.3sp has Incorrect Access Control. | |||||
| CVE-2019-15895 | 1 Search Exclude Project | 1 Search Exclude | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| search-exclude.php in the "Search Exclude" plugin before 1.2.4 for WordPress allows unauthenticated options changes. | |||||
| CVE-2019-15858 | 1 Webcraftic | 1 Woody Ad Snippets | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution. | |||||
| CVE-2019-15819 | 1 Restaurant Reservations Project | 1 Restaurant Reservations | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The nd-restaurant-reservations plugin before 1.5 for WordPress has no requirement for nd_rst_import_settings_php_function authentication. | |||||
| CVE-2019-11321 | 1 Motorola | 4 Cx2, Cx2 Firmware, M2 and 1 more | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can send hnap requests to this port without authentication to obtain information such as the MAC addresses of connected client devices. | |||||
| CVE-2019-15106 | 1 Zohocorp | 1 Manageengine Opmanager | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Zoho ManageEngine OpManager in builds before 14310. One can bypass the user password requirement and execute commands on the server. The "username+'@opm' string is used for the password. For example, if the username is admin, the password is admin@opm. | |||||
| CVE-2019-15102 | 1 Sahipro | 1 Sahi Pro | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. TestRunner_Non_distributed (and distributed end points) does not have any authentication mechanism. This allow an attacker to execute an arbitrary script on the remote Sahi Pro server. There is also a password-protected web interface intended for remote access to scripts. This web interface lacks server-side validation, which allows an attacker to create/modify/delete a script remotely without any password. Chaining both of these issues results in remote code execution on the Sahi Pro server. | |||||