Total
3376 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-10603 | 1 Martem | 4 Telem-gw6, Telem-gw6 Firmware, Telem-gwm and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process. | |||||
| CVE-2018-10576 | 1 Watchguard | 6 Ap100, Ap100 Firmware, Ap102 and 3 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15. Improper authentication handling by the native Access Point web UI allows authentication using a local system account (instead of the dedicated web-only user). | |||||
| CVE-2018-10561 | 1 Dasannetworks | 2 Gpon Router, Gpon Router Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device. | |||||
| CVE-2018-10544 | 1 Meross | 2 Mss110, Mss110 Firmware | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| Meross MSS110 devices through 1.1.24 contain an unauthenticated admin.htm administrative interface. | |||||
| CVE-2018-10362 | 1 Phpliteadmin | 1 Phpliteadmin | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to login with a simpler password if the password has the form of a power in scientific notation (like '2e2' for '200' or '0e1234' for '0'). This is possible because, in the loose comparison case, PHP interprets the string as a number in scientific notation, and thus converts it to a number. After that, the comparison with '==' casts the user input (e.g., the string '200' or '0') to a number, too. Hence the attacker can login with just a '0' or a simple number he has to brute force. Strong comparison with '===' prevents the cast into numbers. | |||||
| CVE-2018-1000875 | 1 Berkeley | 1 Berkeley Open Infrastructure For Network Computing | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Berkeley Open Infrastructure for Network Computing BOINC Server and Website Code version 0.9-1.0.2 contains a CWE-302: Authentication Bypass by Assumed-Immutable Data vulnerability in Website Terms of Service Acceptance Page that can result in Access to any user account. This attack appear to be exploitable via Specially crafted URL. This vulnerability appears to have been fixed in 1.0.3. | |||||
| CVE-2018-0886 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | 7.6 HIGH | 7.0 HIGH |
| The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka "CredSSP Remote Code Execution Vulnerability". | |||||
| CVE-2018-0676 | 1 Panasonic | 2 Bn-sdwbp3, Bn-sdwbp3 Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to bypass authentication to access to the management screen and execute an arbitrary command via unspecified vectors. | |||||
| CVE-2018-0670 | 1 Mnc | 1 Inplc-rt | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| INplc-RT 3.08 and earlier allows remote attackers to bypass authentication to execute an arbitrary command through the protocol-compliant traffic. This is a different vulnerability than CVE-2018-0669. | |||||
| CVE-2018-0669 | 1 Mnc | 1 Inplc-rt | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| INplc-RT 3.08 and earlier allows remote attackers to bypass authentication to execute an arbitrary command through the protocol-compliant traffic. This is a different vulnerability than CVE-2018-0670. | |||||
| CVE-2018-0528 | 1 Cybozu | 1 Office | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the schedules that are not permitted to access via unspecified vectors. | |||||
| CVE-2018-0505 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock | |||||
| CVE-2018-0435 | 1 Cisco | 1 Umbrella | 2024-11-21 | 6.5 MEDIUM | 9.1 CRITICAL |
| A vulnerability in the Cisco Umbrella API could allow an authenticated, remote attacker to view and modify data across their organization and other organizations. The vulnerability is due to insufficient authentication configurations for the API interface of Cisco Umbrella. An attacker could exploit this vulnerability to view and potentially modify data for their organization or other organizations. A successful exploit could allow the attacker to read or modify data across multiple organizations. | |||||
| CVE-2018-0382 | 1 Cisco | 1 Wireless Lan Controller Software | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the session identification management functionality of the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. The vulnerability exists because the affected software does not properly clear previously assigned session identifiers for a user session when a user authenticates to the web-based interface. An attacker could exploit this vulnerability by using an existing session identifier to connect to the software through the web-based interface. Successful exploitation could allow the attacker to hijack an authenticated user's browser session on the system. Versions 8.1 and 8.5 are affected. | |||||
| CVE-2018-0362 | 1 Cisco | 42 5100 Enterprise Network Compute System, 5100 Enterprise Network Compute System Firmware, 5400 Enterprise Network Compute System and 39 more | 2024-11-21 | 4.6 MEDIUM | 4.3 MEDIUM |
| A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing (UCS) E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user. The vulnerability is due to improper security restrictions that are imposed by the affected system. An attacker could exploit this vulnerability by submitting an empty password value to an affected device's BIOS authentication prompt. An exploit could allow the attacker to have access to a restricted set of user-level BIOS commands. Cisco Bug IDs: CSCvh83260. | |||||
| CVE-2018-0321 | 1 Cisco | 3 Prime Collaboration, Prime Collaboration Assurance, Prime Collaboration Provisioning | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the Java Remote Method Invocation (RMI) system. The vulnerability is due to an open port in the Network Interface and Configuration Engine (NICE) service. An attacker could exploit this vulnerability by accessing the open RMI system on an affected PCP instance. An exploit could allow the attacker to perform malicious actions that affect PCP and the devices that are connected to it. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 11.6 and prior. Cisco Bug IDs: CSCvd61746. | |||||
| CVE-2018-0319 | 1 Cisco | 2 Prime Collaboration, Prime Collaboration Provisioning | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| A vulnerability in the password recovery function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of a password recovery request. An attacker could exploit this vulnerability by submitting a password recovery request and changing the password for any user on an affected system. An exploit could allow the attacker to gain administrative-level privileges on the affected system. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 11.6 and prior. Cisco Bug IDs: CSCvd07253. | |||||
| CVE-2018-0318 | 1 Cisco | 2 Prime Collaboration, Prime Collaboration Provisioning | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| A vulnerability in the password reset function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of a password reset request. An attacker could exploit this vulnerability by submitting a password reset request and changing the password for any user on an affected system. An exploit could allow the attacker to gain administrative-level privileges on the affected system. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 11.6 and prior. Cisco Bug IDs: CSCvd07245. | |||||
| CVE-2018-0271 | 1 Cisco | 1 Digital Network Architecture Center | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in the API gateway of the Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and access critical services. The vulnerability is due to a failure to normalize URLs prior to servicing requests. An attacker could exploit this vulnerability by submitting a crafted URL designed to exploit the issue. A successful exploit could allow the attacker to gain unauthenticated access to critical services, resulting in elevated privileges in DNA Center. This vulnerability affects Cisco DNA Center Software Releases prior to 1.1.2. Cisco Bug IDs: CSCvi09394. | |||||
| CVE-2018-0247 | 1 Cisco | 2 Aironet Access Point Software, Wireless Lan Controller Software | 2024-11-21 | 3.3 LOW | 4.7 MEDIUM |
| A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of authentication for WebAuth clients in a specific configuration. An attacker could exploit this vulnerability by sending traffic to local network resources without having gone through authentication. A successful exploit could allow the attacker to bypass authentication and pass traffic. This affects Cisco Aironet Access Points running Cisco IOS Software and Cisco Wireless LAN Controller (WLC) releases prior to 8.5.110.0 for the following specific WLC configuration only: (1) The Access Point (AP) is configured in FlexConnect Mode with NAT. (2) The WLAN is configured for central switching, meaning the client is being assigned a unique IP address. (3) The AP is configured with a Split Tunnel access control list (ACL) for access to local network resources, meaning the AP is doing the NAT on the connection. (4) The client is using WebAuth. This vulnerability does not apply to .1x clients in the same configuration. Cisco Bug IDs: CSCvc79502, CSCvf71789. | |||||