VYPR

CWE-287

Improper Authentication

ClassDraftLikelihood: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 102 of 121
  • CVE-2012-3884Jul 26, 2012
    risk 0.00cvss epss 0.01

    AirDroid 1.0.4 beta implements authentication through direct transmission of a password hash over HTTP, which makes it easier for remote attackers to obtain access by sniffing the local wireless network and then replaying the authentication data.

  • CVE-2012-3387Jul 23, 2012
    risk 0.00cvss epss 0.01

    Moodle 2.3.x before 2.3.1 uses only a client-side check for whether references are permitted in a file upload, which allows remote authenticated users to bypass intended alias (aka shortcut) restrictions via a client that omits this check.

  • CVE-2012-3356Jul 22, 2012
    risk 0.00cvss epss 0.02

    The remote SVN views functionality (lib/vclib/svn/svn_ra.py) in ViewVC before 1.1.15 does not properly perform authorization, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

  • CVE-2011-4590Jul 20, 2012
    risk 0.00cvss epss 0.01

    The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly consider the maintenance-mode state and account attributes during login attempts, which allows remote authenticated users to bypass intended access restrictions by connecting to…

  • CVE-2012-2974Jul 19, 2012
    risk 0.00cvss epss 0.03

    The web interface on the SMC SMC8024L2 switch allows remote attackers to bypass authentication and obtain administrative access via a direct request to a .html file under (1) status/, (2) system/, (3) ports/, (4) trunks/, (5) vlans/, (6) qos/, (7) rstp/, (8) dot1x/, (9)…

  • CVE-2012-0797Jul 17, 2012
    risk 0.00cvss epss 0.01

    The webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote authenticated users to bypass the deleted status and continue using a server via a token.

  • CVE-2012-2351Jul 12, 2012
    risk 0.00cvss epss 0.02

    The default configuration of the auth/saml plugin in Mahara before 1.4.2 sets the "Match username attribute to Remote username" option to false, which allows remote SAML IdP servers to spoof users of other SAML IdP servers by using the same internal username.

  • CVE-2012-0215Jul 12, 2012
    risk 0.00cvss epss 0.02

    model/modelstorage.py in the Tryton application framework (trytond) before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a (1) create, (2)…

  • CVE-2012-0301Jul 5, 2012
    risk 0.00cvss epss 0.01

    Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to hijack web sessions via unspecified vectors.

  • CVE-2012-2281Jul 5, 2012
    risk 0.00cvss epss 0.01

    EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access Manager Agent do not properly validate session tokens after a logout, which might allow remote attackers to conduct replay attacks via unspecified vectors.

  • CVE-2012-1123Jun 29, 2012
    risk 0.00cvss epss 0.04

    The mci_check_login function in api/soap/mc_api.php in the SOAP API in MantisBT before 1.2.9 allows remote attackers to bypass authentication via a null password.

  • CVE-2012-2388Jun 27, 2012
    risk 0.00cvss epss 0.03

    The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."

  • CVE-2011-0011Jun 21, 2012
    risk 0.00cvss epss 0.01

    qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.

  • CVE-2012-0717Jun 20, 2012
    risk 0.00cvss epss 0.01

    IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain SSLv2 configuration with client authentication is used, allows remote attackers to bypass X.509 client-certificate authentication via unspecified vectors.

  • CVE-2012-1145Jun 16, 2012
    risk 0.00cvss epss 0.03

    spacewalk-backend in Red Hat Network Satellite 5.4 on Red Hat Enterprise Linux 6 does not properly authorize or authenticate uploads to the NULL organization when mod_wsgi is used, which allows remote attackers to cause a denial of service (/var partition disk consumption and…

  • CVE-2012-2606Jun 13, 2012
    risk 0.00cvss epss 0.02

    The agent in Bradford Network Sentry before 5.3.3 does not require authentication for messages, which allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted packet to UDP port 4567, as demonstrated by a replay attack.

  • CVE-2012-0944Jun 4, 2012
    risk 0.00cvss epss 0.01

    Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via a man-in-the-middle attack.

  • CVE-2011-5090May 24, 2012
    risk 0.00cvss epss 0.01

    GR Board (aka grboard) 1.8.6.5 Community Edition does not require authentication for certain database actions, which allows remote attackers to modify or delete data via a request to (1) mod_rewrite.php, (2) comment_write_ok.php, (3) poll/index.php, (4) update/index.php, (5)…

  • CVE-2012-2562May 22, 2012
    risk 0.00cvss epss 0.02

    The Xelex MobileTrack application 2.3.7 and earlier for Android does not verify the origin of SMS commands, which allows remote attackers to execute a (1) LOCATE, (2) TRACK, (3) UPDATECFG, (4) UPDATEACCT, (5) STAT, (6) TERM, or (7) WIPE command via an SMS message.

  • CVE-2012-0675May 11, 2012
    risk 0.00cvss epss 0.02

    Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume.