VYPR

CWE-287

Improper Authentication

Class · Draft · Likelihood: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 23 of 121
  • CVE-2023-0311 · Critical · Jan 15, 2023
    risk 0.57 · cvss 9.8 · epss 0.01

    Improper Authentication in GitHub repository thorsten/phpmyfaq prior to 3.1.10.

  • CVE-2022-43685 · High · Nov 22, 2022
    risk 0.57 · cvss 8.8 · epss 0.01

    CKAN through 2.9.6 account takeovers by unauthenticated users when an existing user id is sent via an HTTP POST request. This allows a user to take over an existing account including superuser accounts.

  • CVE-2022-37298 · Critical · Oct 20, 2022
    risk 0.57 · cvss 9.8 · epss 0.02

    Shinken Solutions Shinken Monitoring Version 2.4.3 affected is vulnerable to Incorrect Access Control. The SafeUnpickler class found in shinken/safepickle.py implements a weak authentication scheme when unserializing objects passed from monitoring nodes to the Shinken monitoring…

  • CVE-2022-36436 · Critical · Sep 14, 2022
    risk 0.57 · cvss 9.8 · epss 0.02

    OSU Open Source Lab VNCAuthProxy through 1.1.1 is affected by a vncap/vnc/protocol.py VNCServerAuthenticator authentication-bypass vulnerability that could allow a malicious actor to gain unauthorized access to a VNC session or to disconnect a legitimate user from a VNC…

  • CVE-2022-2818 · Critical · Aug 15, 2022
    risk 0.57 · cvss 9.8 · epss 0.01

    Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository cockpit-hq/cockpit prior to 2.2.2.

  • CVE-2021-43415 · High · Dec 3, 2021
    risk 0.57 · cvss 8.8 · epss 0.01

    HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed image paths. Fixed in 1.0.14, 1.1.8, and 1.2.1.

  • CVE-2021-43786 · Critical · Nov 29, 2021
    risk 0.57 · cvss 9.8 · epss 0.02

    Nodebb is an open source Node.js based forum software. In affected versions incorrect logic present in the token verification step unintentionally allowed master token access to the API. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as…

  • CVE-2021-41745 · Critical · Oct 22, 2021
    risk 0.57 · cvss 9.8 · epss 0.01

    ShowDoc 2.8.3 has a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions.

  • CVE-2021-26077 · High · May 10, 2021
    risk 0.57 · cvss 8.8 · epss 0.01

    Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the…

  • CVE-2020-27846 · Critical · Dec 21, 2020
    risk 0.57 · cvss 9.8 · epss 0.05

    A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

  • CVE-2020-26214 · Critical · Nov 6, 2020
    risk 0.57 · cvss 9.1 · epss 0.66

    In Alerta before version 8.1.0, users may be able to bypass LDAP authentication if they provide an empty password when Alerta server is configured to use LDAP as the authorization provider. Only deployments where LDAP servers are configured to allow unauthenticated authentication…

  • CVE-2020-17510 · Critical · Nov 5, 2020
    risk 0.57 · cvss 9.8 · epss 0.09

    Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass.

  • CVE-2020-2301 · Critical · Nov 4, 2020
    risk 0.57 · cvss 9.8 · epss 0.02

    Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user with any password while a successful authentication of that user is still in the optional cache when using Windows/ADSI mode.

  • CVE-2020-2300 · Critical · Nov 4, 2020
    risk 0.57 · cvss 9.8 · epss 0.02

    Jenkins Active Directory Plugin 2.19 and earlier does not prohibit the use of an empty password in Windows/ADSI mode, which allows attackers to log in to Jenkins as any user depending on the configuration of the Active Directory server.

  • CVE-2020-2299 · Critical · Nov 4, 2020
    risk 0.57 · cvss 9.8 · epss 0.01

    Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user if a magic constant is used as the password.

  • CVE-2020-24660 · Critical · Sep 14, 2020
    risk 0.57 · cvss 9.8 · epss 0.02

    An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used. An attacker may bypass URL-based access control to protected Virtual Hosts by submitting a non-normalized URI. This also affects versions before 0.5.2 of the "Lemonldap::NG handler for Node.js" package.

  • CVE-2017-18908 · Critical · Jun 19, 2020
    risk 0.57 · cvss 9.8 · epss 0.01

    An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. A password-reset request was sometimes sent to an attacker-provided e-mail address.

  • CVE-2016-11074 · Critical · Jun 19, 2020
    risk 0.57 · cvss 9.8 · epss 0.01

    An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.

  • CVE-2018-21246 · Critical · Jun 15, 2020
    risk 0.57 · cvss 9.8 · epss 0.03

    Caddy before 0.10.13 mishandles TLS client authentication, as demonstrated by an authentication bypass caused by the lack of the StrictHostMatching mode.

  • CVE-2019-20786 · Critical · Apr 19, 2020
    risk 0.57 · cvss 9.8 · epss 0.03

    handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with epoch 0, which allows remote attackers to inject arbitrary unencrypted data after handshake completion.