Total
314 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-3897 | 2 Ibm, Lenovo | 10 Nextscale Fan Power Controller, Nextscale Fan Power Controller Firmware, Nextscale N1200 Enclosure and 7 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware during an that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected. | |||||
| CVE-2021-3849 | 2 Ibm, Lenovo | 10 Nextscale Fan Power Controller, Nextscale Fan Power Controller Firmware, Nextscale N1200 Enclosure and 7 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected. | |||||
| CVE-2021-36308 | 1 Dell | 1 Networking Os10 | 2024-11-21 | 9.3 HIGH | 5.9 MEDIUM |
| Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system. | |||||
| CVE-2021-35530 | 1 Hitachienergy | 2 Txpert Hub Coretec 4, Txpert Hub Coretec 4 Firmware | 2024-11-21 | 7.2 HIGH | 6.0 MEDIUM |
| A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's TXpert Hub CoreTec 4, that depends on a token validation of the session identifier, allows an unauthorized modified message to be executed in the server enabling an unauthorized actor to change an existing user password, and further gain authorized access into the system via login mechanism. This issue affects: Hitachi Energy TXpert Hub CoreTec 4 version 2.0.0 2.1.0; 2.1.0; 2.1.1; 2.1.2; 2.1.3; 2.2.0; 2.2.1. | |||||
| CVE-2021-34977 | 1 Netgear | 2 R7000, R7000 Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP requests. The issue results from the lack of proper authentication verification before performing a password reset. An attacker can leverage this vulnerability to reset the admin password. Was ZDI-CAN-13483. | |||||
| CVE-2021-33700 | 1 Sap | 1 Business One | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the victim without knowing his/her password. The attacker could so obtain highly sensitive information which the attacker could use to take substantial control of the vulnerable application. | |||||
| CVE-2021-33017 | 1 Philips | 4 Intellibridge Ec40, Intellibridge Ec40 Firmware, Intellibridge Ec80 and 1 more | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| The standard access path of the IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) requires authentication, but the product has an alternate path or channel that does not require authentication. | |||||
| CVE-2021-32986 | 1 Automationdirect | 40 C0-10are-d, C0-10are-d Firmware, C0-10dd1e-d and 37 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, the unlocked state does not timeout. If the programming software is interrupted, the PLC remains unlocked. All subsequent programming connections are allowed without authorization. The PLC is only relocked by a power cycle, or when the programming software disconnects correctly. | |||||
| CVE-2021-32984 | 1 Automationdirect | 40 C0-10are-d, C0-10are-d Firmware, C0-10dd1e-d and 37 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| All programming connections receive the same unlocked privileges, which can result in a privilege escalation. During the time Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, an attacker can connect to the PLC and read the project without authorization. | |||||
| CVE-2021-32980 | 1 Automationdirect | 40 C0-10are-d, C0-10are-d Firmware, C0-10dd1e-d and 37 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect against additional software programming connections. An attacker can connect to the PLC while an existing connection is already active. | |||||
| CVE-2021-32967 | 1 Deltaww | 1 Diaenergie | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to add a new administrative user without being authenticated or authorized, which may allow the attacker to log in and use the device with administrative privileges. | |||||
| CVE-2021-32958 | 1 Claroty | 1 Secure Remote Access | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions 3.0 through 3.2 allows an attacker with local command line interface access to gain the secret key, subsequently allowing them to generate valid session tokens for the web user interface (UI). With access to the web UI an attacker can access assets managed by the SRA installation and could compromise the installation. | |||||
| CVE-2021-31559 | 1 Splunk | 1 Splunk | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions before 8.1.5 and 8.2 versions before 8.2.1. The vulnerability impacts Indexers configured to use TCPTokens. It does not impact Universal Forwarders. | |||||
| CVE-2021-28131 | 1 Apache | 1 Impala | 2024-11-21 | 6.0 MEDIUM | 7.5 HIGH |
| Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another user. However, these secrets appear in the Impala logs, therefore Impala users with access to the logs can use another authenticated user's sessions with specially constructed requests. This means the attacker is able to execute statements for which they don't have the necessary privileges otherwise. Impala deployments with Apache Sentry or Apache Ranger authorization enabled may be vulnerable to privilege escalation if an authenticated attacker is able to hijack a session or query from another authenticated user with privileges not assigned to the attacker. Impala deployments with audit logging enabled may be vulnerable to incorrect audit logging as a user could undertake actions that were logged under the name of a different authenticated user. Constructing an attack requires a high degree of technical sophistication and access to the Impala system as an authenticated user. Mitigation: If an Impala deployment uses Apache Sentry, Apache Ranger or audit logging, then users should upgrade to a version of Impala with the fix for IMPALA-10600. The Impala 4.0 release includes this fix. This hides session secrets from the logs to eliminate the risk of any attack using this mechanism. In lieu of an upgrade, restricting access to logs that expose secrets will reduce the risk of an attack. Restricting access to the Impala deployment to trusted users will also reduce the risk of an attack. Log redaction techniques can be used to redact secrets from the logs. | |||||
| CVE-2021-27453 | 1 Mesalabs | 1 Amegaview | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
| Mesa Labs AmegaView Versions 3.0 uses default cookies that could be set to bypass authentication to the web application, which may allow an attacker to gain access. | |||||
| CVE-2021-26634 | 2 Linux, Maxb | 2 Linux Kernel, Maxboard | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection and file upload attacks are possible due to insufficient validation of input values in some parameters and variables of files compromising Maxboard, which may lead to arbitrary code execution or privilege escalation. Attackers can use these vulnerabilities to perform attacks such as stealing server management rights using a web shell. | |||||
| CVE-2021-21952 | 1 Anker | 2 Eufy Homebase 2, Eufy Homebase 2 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An authentication bypass vulnerability exists in the CMD_DEVICE_GET_RSA_KEY_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to increased privileges. | |||||
| CVE-2020-6091 | 1 Epson | 2 Eb-1470ui, Eb-1470ui Firmware | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. A specially crafted series of HTTP requests can cause authentication bypass resulting in information disclosure. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2020-5384 | 1 Rsa | 1 Multifactor Authentication Agent | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
| Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Windows contains an Authentication Bypass vulnerability. A local unauthenticated attacker could potentially exploit this vulnerability by using an alternate path to bypass authentication in order to gain full access to the system. | |||||
| CVE-2020-4050 | 3 Debian, Fedoraproject, Wordpress | 3 Debian Linux, Fedora, Wordpress | 2024-11-21 | 6.0 MEDIUM | 3.5 LOW |
| In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fields to be saved. It does require an admin to install a plugin that would misuse the filter. Once installed, it can be leveraged by low privileged users. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34). | |||||