VYPR

CWE-287

Improper Authentication

ClassDraftLikelihood: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 12 of 121
  • CVE-2011-4068CriFeb 1, 2018
    risk 0.64cvss 9.8epss 0.02

    The check_password function in html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to bypass authentication via an empty password.

  • CVE-2017-14698CriJan 29, 2018
    risk 0.64cvss 9.8epss 0.01

    ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N16U, DSL-N17U, DSL-N66U, and DSL-AC750 routers allow remote attackers to change passwords of arbitrary users via the http_passwd…

  • CVE-2017-15531CriJan 23, 2018
    risk 0.64cvss 9.8epss 0.02

    Symantec Reporter 9.5 prior to 9.5.4.1 and 10.1 prior to 10.1.5.5 does not restrict excessive authentication attempts for management interface users. A remote attacker can use brute force search to guess a user password and gain access to Reporter.

  • CVE-2018-5328CriJan 15, 2018
    risk 0.64cvss 9.8epss 0.01

    ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various /UserManagement/ privileged modules without authenticating the user; an attacker can misuse these functionalities to perform unauthorized actions, as demonstrated by Edit User Details.

  • CVE-2017-15883CriJan 8, 2018
    risk 0.64cvss 9.8epss 0.02

    Sitefinity 5.1, 5.2, 5.3, 5.4, 6.x, 7.x, 8.x, 9.x, and 10.x allow remote attackers to bypass authentication and consequently cause a denial of service on load balanced sites or gain privileges via vectors related to weak cryptography.

  • CVE-2017-15548CriJan 5, 2018
    risk 0.64cvss 9.8epss 0.05

    An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication…

  • CVE-2015-6237CriDec 27, 2017
    risk 0.64cvss 9.8epss 0.02

    The RPC service in Tripwire (formerly nCircle) IP360 VnE Manager 7.2.2 before 7.2.6 allows remote attackers to bypass authentication and (1) enumerate users, (2) reset passwords, or (3) manipulate IP filter restrictions via crafted "privileged commands."

  • CVE-2015-7224CriDec 21, 2017
    risk 0.64cvss 9.8epss 0.02

    puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass authentication by leveraging creation of a database account without a password when a 'mysql_user' user parameter contains a host with a netmask.

  • CVE-2017-17777CriDec 20, 2017
    risk 0.64cvss 9.8epss 0.01

    Paid To Read Script 2.0.5 has authentication bypass in the admin panel via a direct request, as demonstrated by the admin/viewvisitcamp.php fn parameter and the admin/userview.php uid parameter.

  • CVE-2017-16684CriDec 12, 2017
    risk 0.64cvss 9.8epss 0.03

    SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity.

  • CVE-2017-17430CriDec 7, 2017
    risk 0.64cvss 9.8epss 0.02

    Sangoma NetBorder / Vega Session Controller before 2.3.12-80-GA allows remote attackers to execute arbitrary commands via the web interface.

  • CVE-2017-10903CriDec 1, 2017
    risk 0.64cvss 9.8epss 0.03

    Improper authentication issue in PTW-WMS1 firmware version 2.000.012 allows remote attackers to log in to the device with root privileges and conduct arbitrary operations via unspecified vectors.

  • CVE-2017-14377CriNov 29, 2017
    risk 0.64cvss 9.8epss 0.03

    EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apache Web Server version 8.0.1 prior to Build 618 have a security vulnerability that could potentially lead to authentication bypass.

  • CVE-2017-2738CriNov 22, 2017
    risk 0.64cvss 9.8epss 0.03

    VCM5010 with software versions earlier before V100R002C50SPC100 has an authentication bypass vulnerability. This is due to improper implementation of authentication for accessing web pages. An unauthenticated attacker could bypass the authentication by sending a crafted HTTP…

  • CVE-2017-8861CriNov 22, 2017
    risk 0.64cvss 9.8epss 0.02

    Missing authentication for the remote configuration port 1236/tcp on the Cohu 3960HD allows an attacker to change configuration parameters such as IP address and username/password via specially crafted XML SOAP packets.

  • CVE-2017-16566CriNov 17, 2017
    risk 0.64cvss 9.8epss 0.03

    On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not require authentication, which allows remote attackers to read or replace core system files including those used for authentication (such as passwd and shadow). This can be abused to take full root level…

  • CVE-2017-12337CriNov 16, 2017
    risk 0.64cvss 9.8epss 0.06

    A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a…

  • CVE-2017-16634CriNov 10, 2017
    risk 0.64cvss 9.8epss 0.04

    In Joomla! before 3.8.2, a bug allowed third parties to bypass a user's 2-factor authentication method.

  • CVE-2017-2864CriNov 7, 2017
    risk 0.64cvss 9.8epss 0.02

    An exploitable vulnerability exists in the generation of authentication token functionality of Circle with Disney. Specially crafted network packets can cause a valid authentication token to be returned to the attacker resulting in authentication bypass. An attacker can send a…

  • CVE-2017-1000154CriNov 3, 2017
    risk 0.64cvss 9.8epss 0.01

    Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to some authentication methods, which do not use Mahara's built-in login form, still allowing users to log in even if their institution was expired or suspended.