Vulnerabilities (CVE)

Filtered by CWE-287
Total 2482 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-39226 1 Grafana 1 Grafana 2021-10-19 6.8 MEDIUM 7.3 HIGH
Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public_mode" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey. Regardless of the snapshot "public_mode" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths: /api/snapshots/:key, or /api/snapshots-delete/:deleteKey. The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss. This issue has been resolved in versions 8.1.6 and 7.5.11. If for some reason you cannot upgrade you can use a reverse proxy or similar to block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects.
CVE-2021-37123 1 Huawei 2 Hero-ct060, Hero-ct060 Firmware 2021-10-18 7.5 HIGH 9.8 CRITICAL
There is an improper authentication vulnerability in Hero-CT060 before 1.0.0.200. The vulnerability is due to that when an user wants to do certain operation, the software does not insufficiently validate the user's identity. Successful exploit could allow the attacker to do certain operations which the user are supposed not to do.
CVE-2021-35979 1 Digi 37 6350-sr, 6350-sr Firmware, Cm and 34 more 2021-10-15 6.8 MEDIUM 8.1 HIGH
An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to man-in-the-middle attacks and does not perform authentication.
CVE-2021-20375 1 Ibm 1 Sterling B2b Integrator 2021-10-15 4.0 MEDIUM 6.5 MEDIUM
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by another user due to improper access controls. IBM X-Force ID: 195567.
CVE-2021-20372 1 Ibm 1 Sterling B2b Integrator 2021-10-15 4.0 MEDIUM 4.3 MEDIUM
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote authenticated user to cause a denial of another user's service due to insufficient permission checking. IBM X-Force ID: 195518.
CVE-2021-30640 3 Apache, Debian, Oracle 3 Tomcat, Debian Linux, Communications Diameter Signaling Router 2021-10-15 5.8 MEDIUM 6.5 MEDIUM
A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.
CVE-2020-19003 1 Liftoffsoftware 1 Gate One 2021-10-14 5.0 MEDIUM 5.3 MEDIUM
An issue in Gate One 1.2.0 allows attackers to bypass to the verification check done by the origins list and connect to Gate One instances used by hosts not on the origins list.
CVE-2021-23857 1 Bosch 24 Rexroth Indramotion Mlc L20, Rexroth Indramotion Mlc L20 Firmware, Rexroth Indramotion Mlc L25 and 21 more 2021-10-14 10.0 HIGH 9.8 CRITICAL
Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to subsequently login to the system.
CVE-2021-29908 1 Ibm 2 Ts7700, Ts7700 Firmware 2021-10-14 10.0 HIGH 9.8 CRITICAL
The IBM TS7700 Management Interface is vulnerable to unauthenticated access. By accessing a specially-crafted URL, an attacker may gain administrative access to the Management Interface without authentication. IBM X-Force ID: 207747.
CVE-2021-41126 1 Octobercms 1 October 2021-10-14 6.5 MEDIUM 7.2 HIGH
October is a Content Management System (CMS) and web platform built on the the Laravel PHP Framework. In affected versions administrator accounts which had previously been deleted may still be able to sign in to the backend using October CMS v2.0. The issue has been patched in v2.1.12 of the october/october package. There are no workarounds for this issue and all users should update.
CVE-2021-38618 1 Gfos 1 Workforce Management 2021-10-14 6.8 MEDIUM 8.1 HIGH
In GFOS Workforce Management 4.8.272.1, the login page of application is prone to authentication bypass, allowing anyone (who knows a user's credentials except the password) to get access to an account. This occurs because of JSESSIONID mismanagement.
CVE-2021-25484 1 Google 1 Android 2021-10-13 2.1 LOW 3.3 LOW
Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event.
CVE-2021-37331 1 Bookingcore 1 Booking Core 2021-10-12 5.0 MEDIUM 5.3 MEDIUM
Laravel Booking System Booking Core 2.0 is vulnerable to Incorrect Access Control. On the Verifications page, after uploading an ID Card or Trade License and viewing it, ID Cards and Trade Licenses of other vendors/users can be viewed by changing the URL.
CVE-2021-39872 1 Gitlab 1 Gitlab 2021-10-12 4.0 MEDIUM 6.5 MEDIUM
In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab through git and API through access tokens acquired before password expiration.
CVE-2019-12405 1 Apache 1 Traffic Control 2021-10-12 6.8 MEDIUM 9.8 CRITICAL
Improper authentication is possible in Apache Traffic Control versions 3.0.0 and 3.0.1 if LDAP is enabled for login in the Traffic Ops API component. Given a username for a user that can be authenticated via LDAP, it is possible to improperly authenticate as that user without that user's correct password.
CVE-2021-41286 1 Omikron 1 Multicash 2021-10-09 4.6 MEDIUM 7.8 HIGH
Omikron MultiCash Desktop 4.00.008.SP5 relies on a client-side authentication mechanism. When a user logs into the application, the validity of the password is checked locally. All communication to the database backend is made via the same technical account. Consequently, an attacker can attach a debugger to the process or create a patch that manipulates the behavior of the login function. When the function always returns the success value (corresponding to a correct password), an attacker can login with any desired account, such as the administrative account of the application.
CVE-2021-29758 1 Ibm 1 Sterling B2b Integrator 2021-10-08 4.0 MEDIUM 4.3 MEDIUM
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to perform actions that they should not be able to access due to improper access controls. IBM X-Force ID: 202169.
CVE-2021-35296 1 Ptcl 2 Hg150-ub, Hg150-ub Firmware 2021-10-08 7.5 HIGH 9.8 CRITICAL
An issue in the administrator authentication panel of PTCL HG150-Ub v3.0 allows attackers to bypass authentication via modification of the cookie value and Response Path.
CVE-2021-24017 1 Fortinet 1 Fortimanager 2021-10-08 4.0 MEDIUM 4.3 MEDIUM
An improper authentication in Fortinet FortiManager version 6.4.3 and below, 6.2.6 and below allows attacker to assign arbitrary Policy and Object modules via crafted requests to the request handler.
CVE-2020-24675 1 Abb 2 Symphony \+ Historian, Symphony \+ Operations 2021-10-07 7.5 HIGH 9.8 CRITICAL
In S+ Operations and S+ History, it is possible that an unauthenticated user could inject values to the Operations History server (or standalone S+ History server) and ultimately write values to the controlled process.