Lucene search
K

459 matches found

CVE
CVE
added 2022/03/08 1:46 p.m.100 views

CVE-2022-24932

The CVE-2022-24932 entry concerns Samsung Setup wizard: an Improper Protection of Alternate Path vulnerability in the Setup wizard process allows a physical attacker to install packages before the wizard completes. Affected versions are Setup wizard versions prior to SMR Mar-2022 Release 1. The u...

4.6CVSS4.5AI score0.00106EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/03/08 12:0 a.m.6 views

PT-2022-16994 · Unknown · Setupwizard

Name of the Vulnerable Software and Affected Versions: Setup wizard versions prior to SMR Mar-2022 Release 1 Description: The issue is related to an Improper Protection of Alternate Path vulnerability in the Setup wizard process. This vulnerability allows a physical attacker to install packages...

4.6CVSS4.3AI score0.00106EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.25 views

Rockwell Automation Allen-Bradley PowerMonitor 1000 Authentication Bypass Using an Alternate Path or Channel (CVE-2018-19616)

An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. An unauthenticated user can add/edit/remove administrators because access control is implemented on the client side via a disabled attribute for a BUTTON element. This plugin only works with Tenable.ot. Please visit...

8.1CVSS6.9AI score0.30295EPSS
Exploits4References7
Cvelist
Cvelist
added 2021/12/27 6:48 p.m.28 views

CVE-2021-33017 Philips IntelliBridge EC 40 and EC 80 Hub Authentication Bypass Using an Alternate Path or Channel

The standard access path of the IntelliBridge EC 40 and 60 Hub C.00.04 and prior requires authentication, but the product has an alternate path or channel that does not require authentication...

8.1CVSS8.9AI score0.00453EPSS
Exploits0References1
Huntr
Huntr
added 2021/10/13 10:51 a.m.25 views

in star7th/showdoc

Description - CWE: CWE-288:Authentication Bypass Using an Alternate Path or Channel - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L , CVSS Score: 8.3High - Credit:Qianxin, Network Security Department, Product-Safety Team Unc1e In showdoc, there is a SSO process , DOC is shown in...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/08/19 12:0 a.m.7 views

The vulnerability of the WordPress website content management system allows for bypassing authentication processes through alternative pathways or channels. This enables attackers to access sensitive data, compromise its integrity, and cause service interruptions.

The vulnerability of the WordPress website content management system is related to bypassing authentication by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures...

8.5CVSS6AI score0.02805EPSS
Exploits0References6Affected Software3
OSV
OSV
added 2020/08/07 8:15 p.m.4 views

CVE-2020-16169

Authentication Bypass Using an Alternate Path or Channel in temi Robox OS prior to120, temi Android app up to 1.3.7931 allows remote attackers to gain elevated privileges on the temi and have it automatically answer the attacker's calls, granting audio, video, and motor control via unspecified...

9.8CVSS7.3AI score0.02436EPSS
Exploits1References2
NVD
NVD
added 2020/07/31 6:15 p.m.14 views

CVE-2020-5384

Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Windows contains an Authentication Bypass vulnerability. A local unauthenticated attacker could potentially exploit this vulnerability by using an alternate path to bypass authentication in order to gain full access to the system...

8.4CVSS8.6AI score0.00388EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/06/26 4:15 p.m.24 views

CVE-2020-14477 Philips Ultrasound Systems Authentication Bypass Using an Alternate Path or Channel

In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior, Ultrasound EPIQ/Affiniti Versions VM5.0 and prior, Ultrasound Sparq Version 3.0.2 and prior and Ultrasound Xperius all versions, an attacker may use an alternate path or channel that does not require...

3.6CVSS4.9AI score0.00275EPSS
Exploits0References1
OSV
OSV
added 2020/05/21 11:15 p.m.27 views

CVE-2020-12693

Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user...

8.1CVSS6.7AI score
Exploits0References8
Prion
Prion
added 2020/05/21 11:15 p.m.24 views

Race condition

Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user...

5.1CVSS8.7AI score0.02257EPSS
Exploits0References8Affected Software4
CVE
CVE
added 2020/05/21 10:27 p.m.184 views

CVE-2020-12693

CVE-2020-12693 affects Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3. In the scenario where Message Aggregation is enabled, a race condition can allow an authentication bypass through an Alternate Path or Channel and enable a user to launch a process as an arbitrary user. The connected ...

8.1CVSS7.8AI score0.02257EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2020/05/21 10:27 p.m.29 views

CVE-2020-12693

Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user...

7.9AI score0.02257EPSS
Exploits0References8
Prion
Prion
added 2020/01/16 11:15 p.m.15 views

Authentication flaw

Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.0-1.3 allows a local, unauthenticated attacker to pair a rogue keypad to an armed system...

2.1CVSS5AI score0.00389EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/03/21 4:0 p.m.2 views

CVE-2018-19783

Kentix MultiSensor-LAN 5.63.00 devices and previous allow Authentication Bypass via an Alternate Path or Channel...

9.8CVSS5.8AI score0.03636EPSS
Exploits3References2
Prion
Prion
added 2019/03/21 4:0 p.m.11 views

Authentication flaw

Kentix MultiSensor-LAN 5.63.00 devices and previous allow Authentication Bypass via an Alternate Path or Channel...

7.5CVSS9.5AI score0.03636EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2019/03/17 7:9 p.m.18 views

CVE-2018-19783

Kentix MultiSensor-LAN 5.63.00 devices and previous allow Authentication Bypass via an Alternate Path or Channel...

9.7AI score0.03636EPSS
Exploits3References2
OSV
OSV
added 2018/07/13 8:29 p.m.5 views

CVE-2016-9497

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many...

8.8CVSS5.8AI score0.02214EPSS
Exploits0References2
NVD
NVD
added 2000/01/12 5:0 a.m.19 views

CVE-2000-0048

getit program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program...

7.2CVSS6.6AI score0.01611EPSS
Exploits0References2
Rows per page
Query Builder