The product uses an authentication mechanism to restrict access to specific users or identities, but the mechanism does not sufficiently prove that the claimed identity is correct.
81 vulnerabilities with CWE-1390
CVE-2023-49340
CRITICAL
Newland Nquire 1000 Interactive Kiosk <V1.00.011 - Privilege Escala...
CVSS 9.8
CVE-2023-4094
MEDIUM
Fujitsu ARCONTE Aurea 1.5.0.0 - Denial of Service via Account Lockout Bypass
CVSS 6.5
CVE-2023-41900
LOW
Eclipse Jetty 9.4.21-9.4.51, 10.0.15, 11.0.15 - Weak Authentication via OpenIdAuthenticator LoginService Bypass
CVSS 3.5
CVE-2023-24890
MEDIUM
Microsoft OneDrive - Privilege Escalation
CVSS 6.5
CVE-2022-45860
MEDIUM
FortiNAC 7.2.0, 8.7-9.4.2 and FortiNAC-F 7.2.0 - Unauthenticated Weak Authentication in Device Registration
CVSS 5.3
CVE-2022-43400
CRITICAL
Siveillance Video Mobile Server <V2022 R2 - Info Disclosure
CVSS 9.8
Details
Vulnerabilities
81