VYPR

CWE-287

Improper Authentication

Abstraction: Class · Status: Draft · Likelihood: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 101 of 121
  • CVE-2012-2983 · Sep 11, 2012
    risk 0.00 cvss · epss 0.20

    file/edit_html.cgi in Webmin 1.590 and earlier does not perform an authorization check before showing a file's unedited contents, which allows remote attackers to read arbitrary files via the file field.

  • CVE-2012-4392 · Sep 5, 2012
    risk 0.00 cvss · epss 0.03

    index.php in ownCloud 4.0.7 does not properly validate the oc_token cookie, which allows remote attackers to bypass authentication via a crafted oc_token cookie value.

  • CVE-2012-4741 · Aug 31, 2012
    risk 0.00 cvss · epss 0.01

    The RADIUS extension in PacketFence before 3.3.0 uses a different user name than is used for authentication for users with custom VLAN assignment extensions, which allows remote attackers to spoof user identities via the User-Name RADIUS attribute.

  • CVE-2012-2285 · Aug 29, 2012
    risk 0.00 cvss · epss 0.01

    EMC Cloud Tiering Appliance (aka CTA, formerly FMA) 9.0 and earlier, and Cloud Tiering Appliance Virtual Edition (CTA/VE) 9.0 and earlier, allows remote attackers to obtain GUI administrative access by sending a crafted file during the authentication phase.

  • CVE-2012-3416 · Aug 25, 2012
    risk 0.00 cvss · epss 0.05

    Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname.

  • CVE-2012-4604 · Aug 23, 2012
    risk 0.00 cvss · epss 0.01

    The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to…

  • CVE-2012-4599 · Aug 22, 2012
    risk 0.00 cvss · epss 0.04

    McAfee SmartFilter Administration, and SmartFilter Administration Bess Edition, before 4.2.1.01 does not require authentication for access to the JBoss Remote Method Invocation (RMI) interface, which allows remote attackers to execute arbitrary code via a crafted .war file.

  • CVE-2012-4595 · Aug 22, 2012
    risk 0.00 cvss · epss 0.03

    McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 through Patch 3, and McAfee Email Gateway (MEG) 7.0.0 and 7.0.1, allows remote attackers to bypass authentication and obtain an admin session ID via unspecified vectors.

  • CVE-2012-4581 · Aug 22, 2012
    risk 0.00 cvss · epss 0.01

    McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, does not disable the server-side session token upon the closing of the Management Console/Dashboard, which makes it easier for remote attackers…

  • CVE-2011-5100 · Aug 22, 2012
    risk 0.00 cvss · epss 0.01

    The web interface in McAfee Firewall Reporter before 5.1.0.13 does not properly implement cookie authentication, which allows remote attackers to obtain access, and disable anti-virus functionality, via an HTTP request.

  • CVE-2009-5116 · Aug 22, 2012
    risk 0.00 cvss · epss 0.02

    McAfee LinuxShield 1.5.1 and earlier does not properly implement client authentication, which allows remote authenticated users to obtain Admin access to the statistics server by leveraging a client account.

  • CVE-2012-2132 · Aug 20, 2012
    risk 0.00 cvss · epss 0.02

    libsoup 2.32.2 and earlier does not validate certificates or clear the trust flag when the ssl-ca-file does not exist, which allows remote attackers to bypass authentication by connecting with a SSL connection.

  • CVE-2012-3024 · Aug 16, 2012
    risk 0.00 cvss · epss 0.02

    Tridium Niagara AX Framework through 3.6 uses predictable values for (1) session IDs and (2) keys, which might allow remote attackers to bypass authentication via a brute-force attack.

  • CVE-2012-3473 · Aug 12, 2012
    risk 0.00 cvss · epss 0.02

    The (1) reports API and (2) administration feature in the comments API in the Ushahidi Platform before 2.5 do not require authentication, which allows remote attackers to generate reports and organize comments via API functions.

  • CVE-2012-3472 · Aug 12, 2012
    risk 0.00 cvss · epss 0.01

    The email API in application/libraries/api/MY_Email_Api_Object.php in the Ushahidi Platform before 2.5 does not require authentication, which allows remote attackers to list, delete, or organize messages via a GET request.

  • CVE-2012-2963 · Aug 12, 2012
    risk 0.00 cvss · epss 0.02

    The administrative interface in the embedded web server on the BreakingPoint Storm appliance before 3.0 does not require authentication for the gwt/BugReport script, which allows remote attackers to obtain sensitive information by downloading a .tgz file.

  • CVE-2012-3424 · Aug 8, 2012
    risk 0.00 cvss · epss 0.02

    The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of…

  • CVE-2012-2498 · Aug 6, 2012
    risk 0.00 cvss · epss 0.00

    Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.08066 does not ensure that authentication makes use of a legitimate certificate, which allows user-assisted man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz29197.

  • CVE-2012-3408 · Aug 6, 2012
    risk 0.00 cvss · epss 0.02

    lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, supports use of IP addresses in certnames without warning of potential risks, which might allow remote attackers to spoof an agent by acquiring a previously used IP address.

  • CVE-2012-3885 · Jul 26, 2012
    risk 0.00 cvss · epss 0.01

    The default configuration of AirDroid 1.0.4 beta uses a four-character alphanumeric password, which makes it easier for remote attackers to obtain access via a brute-force attack.