VYPR

CWE-287

Improper Authentication

ClassDraftLikelihood: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 24 of 121
  • CVE-2020-8828HigApr 8, 2020
    risk 0.57cvss 8.8epss 0.02

    As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are…

  • CVE-2014-8650CriDec 15, 2019
    risk 0.57cvss 9.8epss 0.04

    python-requests-Kerberos through 0.5 does not handle mutual authentication

  • CVE-2019-8149CriNov 6, 2019
    risk 0.57cvss 9.8epss 0.02

    Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can append arbitrary session id that will not be invalidated by subsequent authentication.

  • CVE-2019-12405CriSep 9, 2019
    risk 0.57cvss 9.8epss 0.03

    Improper authentication is possible in Apache Traffic Control versions 3.0.0 and 3.0.1 if LDAP is enabled for login in the Traffic Ops API component. Given a username for a user that can be authenticated via LDAP, it is possible to improperly authenticate as that user without…

  • CVE-2019-10643CriApr 17, 2019
    risk 0.57cvss 9.8epss 0.01

    Contao 4.7 allows Use of a Key Past its Expiration Date.

  • CVE-2018-15751CriOct 24, 2018
    risk 0.57cvss 9.8epss 0.05

    SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).

  • CVE-2018-18389CriOct 16, 2018
    risk 0.57cvss 9.8epss 0.02

    Due to incorrect access control in Neo4j Enterprise Database Server 3.4.x before 3.4.9, the setting of LDAP for authentication with STARTTLS, and System Account for authorization, allows an attacker to log into the server by sending any valid username with an arbitrary password.

  • CVE-2018-15152CriAug 15, 2018
    risk 0.57cvss 9.1epss 0.26

    Authentication bypass vulnerability in portal/account/register.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker to access (1) portal/add_edit_event_user.php, (2) portal/find_appt_popup_user.php, (3) portal/get_allergies.php, (4) portal/get_amendments.php, (5)…

  • CVE-2018-3775HigAug 12, 2018
    risk 0.57cvss 8.8epss 0.01

    Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication.

  • CVE-2017-2652HigJul 27, 2018
    risk 0.57cvss 8.8epss 0.01

    It was found that there were no permission checks performed in the Distributed Fork plugin before and including 1.5.0 for Jenkins that provides the dist-fork CLI command beyond the basic check for Overall/Read permission, allowing anyone with that permission to run arbitrary…

  • CVE-2016-9497HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.02

    Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user…

  • CVE-2016-6541HigJul 6, 2018
    risk 0.57cvss 8.8epss 0.01

    TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in…

  • CVE-2018-11407CriJun 13, 2018
    risk 0.57cvss 9.8epss 0.02

    An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a "null" password and valid username, which triggers an…

  • CVE-2018-7943HigJun 5, 2018
    risk 0.57cvss 8.8epss 0.01

    There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information…

  • CVE-2018-7949HigJun 1, 2018
    risk 0.57cvss 8.8epss 0.01

    The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a privilege escalation vulnerability. A remote attacker may send some specially crafted login messages to the affected products. Due to improper authentication design, successful exploit enables…

  • CVE-2018-11478HigMay 30, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be used to send commands to the car (different for every vendor / car product line /…

  • CVE-2016-10525CriMay 29, 2018
    risk 0.57cvss 9.8epss 0.03

    When attempting to allow authentication mode `try` in hapi, hapi-auth-jwt2 version 5.1.1 introduced an issue whereby people could bypass authentication.

  • CVE-2018-7941HigMay 10, 2018
    risk 0.57cvss 8.8epss 0.01

    Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause…

  • CVE-2017-12712HigApr 25, 2018
    risk 0.57cvss 8.8epss 0.01

    The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF…

  • CVE-2018-6960HigApr 20, 2018
    risk 0.57cvss 8.8epss 0.03

    VMware Horizon DaaS (7.x before 8.0.0) contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS.