When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
4,372 vulnerabilities with CWE-287
CVE-2020-12848
MEDIUM
Pydio Cells 2.0.4 - Info Disclosure
CVSS 5.4
CVE-2020-3216
MEDIUM
Cisco IOS XE SD-WAN - Unauthenticated Authentication Bypass via Boot Initialization Interruption
CVSS 6.8
CVE-2020-1833
LOW
Honor 9X <9.1.1.172(C00E170R8P1 - Auth Bypass
CVSS 2.4
CVE-2020-1798
MEDIUM
HUAWEI P30 <10.1.0.135(C00E135R2P11 - Privilege Escalation
CVSS 4.6
CVE-2020-8606
CRITICAL
Trend Micro InterScan Web Security Virtual Appliance 6.5 - Auth Bypass
CVSS 9.8
CVE-2020-6091
CRITICAL
Epson EB-1470Ui Firmware MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303 - Authentication Bypass via HTTP Request
CVSS 9.1
CVE-2020-11551
HIGH
NETGEAR Orbi Tri-Band Business WiFi - Unauthenticated RCE
CVSS 8.8
CVE-2020-9073
LOW
Huawei P20 Firmware < 10.0.0.156(C00E156R1P4) - Improper Authentication
CVSS 2.4
CVE-2020-12874
CRITICAL
Veritas APTARE < 10.4 - Improper Authentication via Hardcoded Credentials
CVSS 9.8
CVE-2020-2018
CRITICAL
PAN-OS 7.1.0-7.1.25 - Authentication Bypass via Panorama Context Switching
CVSS 9.0
CVE-2020-1718
HIGH
Keycloak <8.0.0 - Privilege Escalation
CVSS 7.1
CVE-2020-10916
HIGH
TP-Link TL-WA855RE Firmware <1.0.1-P1 - Privilege Escalation
CVSS 8.0
CVE-2020-4427
CRITICAL
KEV
IBM Data Risk Manager 2.0.1-2.0.6 - Authentication Bypass via SAML Misconfiguration
CVSS 9.8
CVE-2020-3125
CRITICAL
Cisco ASA Software <9.8.4.15 - Kerberos Auth Bypass via KDC Spoofing
CVSS 9.8
CVE-2020-5727
MEDIUM
SimpliSafe SS3 Firmware < 1.6 - Unauthenticated Authentication Bypass via Rogue Keypad Pairing
CVSS 4.6
CVE-2020-11020
HIGH
Faye <1.0.4, <1.1.3, <1.2.5 - Auth Bypass
CVSS 8.5
CVE-2020-5567
HIGH
Cybozu Garoon <4.10.3 - Info Disclosure
CVSS 7.5
CVE-2020-5563
MEDIUM
Cybozu Garoon <4.10.3 - Info Disclosure
CVSS 5.3
CVE-2020-9294
CRITICAL
FortiMail Unauthenticated Login Bypass Scanner
CVSS 9.8
CVE-2020-9068
CRITICAL
Huawei AR3200 Firmware V200R007/009 - Improper Authentication
CVSS 9.8
CVE-2020-11796
CRITICAL
JetBrains Space < 2020-04-22 - Improper Authentication
CVSS 9.8
CVE-2020-5268
MEDIUM
Sustainsys.Saml2 < 1.0.2 and 2.0.0-2.6.0 - Improper Authentication via Token Subject Confirmation Bypass
CVSS 6.5
CVE-2020-11965
CRITICAL
IQrouter Firmware < 3.3.1 - Unauthenticated Remote Root Access via Default SSH Account
CVSS 9.8
CVE-2020-11964
HIGH
IQrouter < 3.3.1 - Unauthenticated Root Password Change via diag_set_password
CVSS 7.5
CVE-2020-9277
CRITICAL
D-Link DSL-2640B B2 EU_4.01B - Unauthenticated Authentication Bypass via CGI Modules
CVSS 9.8
Details
Vulnerabilities
4,372
Exploit Likelihood
High