CWE-287
Improper Authentication
Description
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94
CVEs mapped to this weakness (2,419)
page 24 of 121| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-8828 | — | Hig | 0.57 | 8.8 | 0.02 | Apr 8, 2020 | As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are… | |
| CVE-2014-8650 | — | Cri | 0.57 | 9.8 | 0.04 | Dec 15, 2019 | python-requests-Kerberos through 0.5 does not handle mutual authentication | |
| CVE-2019-8149 | Cri | 0.57 | 9.8 | 0.02 | Nov 6, 2019 | Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can append arbitrary session id that will not be invalidated by subsequent authentication. | ||
| CVE-2019-12405 | Cri | 0.57 | 9.8 | 0.03 | Sep 9, 2019 | Improper authentication is possible in Apache Traffic Control versions 3.0.0 and 3.0.1 if LDAP is enabled for login in the Traffic Ops API component. Given a username for a user that can be authenticated via LDAP, it is possible to improperly authenticate as that user without… | ||
| CVE-2019-10643 | Cri | 0.57 | 9.8 | 0.01 | Apr 17, 2019 | Contao 4.7 allows Use of a Key Past its Expiration Date. | ||
| CVE-2018-15751 | — | Cri | 0.57 | 9.8 | 0.05 | Oct 24, 2018 | SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi). | |
| CVE-2018-18389 | — | Cri | 0.57 | 9.8 | 0.02 | Oct 16, 2018 | Due to incorrect access control in Neo4j Enterprise Database Server 3.4.x before 3.4.9, the setting of LDAP for authentication with STARTTLS, and System Account for authorization, allows an attacker to log into the server by sending any valid username with an arbitrary password. | |
| CVE-2018-15152 | Cri | 0.57 | 9.1 | 0.26 | Aug 15, 2018 | Authentication bypass vulnerability in portal/account/register.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker to access (1) portal/add_edit_event_user.php, (2) portal/find_appt_popup_user.php, (3) portal/get_allergies.php, (4) portal/get_amendments.php, (5)… | ||
| CVE-2018-3775 | Hig | 0.57 | 8.8 | 0.01 | Aug 12, 2018 | Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication. | ||
| CVE-2017-2652 | — | Hig | 0.57 | 8.8 | 0.01 | Jul 27, 2018 | It was found that there were no permission checks performed in the Distributed Fork plugin before and including 1.5.0 for Jenkins that provides the dist-fork CLI command beyond the basic check for Overall/Read permission, allowing anyone with that permission to run arbitrary… | |
| CVE-2016-9497 | Hig | 0.57 | 8.8 | 0.02 | Jul 13, 2018 | Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user… | ||
| CVE-2016-6541 | Hig | 0.57 | 8.8 | 0.01 | Jul 6, 2018 | TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in… | ||
| CVE-2018-11407 | — | Cri | 0.57 | 9.8 | 0.02 | Jun 13, 2018 | An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a "null" password and valid username, which triggers an… | |
| CVE-2018-7943 | — | Hig | 0.57 | 8.8 | 0.01 | Jun 5, 2018 | There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information… | |
| CVE-2018-7949 | Hig | 0.57 | 8.8 | 0.01 | Jun 1, 2018 | The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a privilege escalation vulnerability. A remote attacker may send some specially crafted login messages to the affected products. Due to improper authentication design, successful exploit enables… | ||
| CVE-2018-11478 | Hig | 0.57 | 8.8 | 0.01 | May 30, 2018 | An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be used to send commands to the car (different for every vendor / car product line /… | ||
| CVE-2016-10525 | — | Cri | 0.57 | 9.8 | 0.03 | May 29, 2018 | When attempting to allow authentication mode `try` in hapi, hapi-auth-jwt2 version 5.1.1 introduced an issue whereby people could bypass authentication. | |
| CVE-2018-7941 | Hig | 0.57 | 8.8 | 0.01 | May 10, 2018 | Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause… | ||
| CVE-2017-12712 | Hig | 0.57 | 8.8 | 0.01 | Apr 25, 2018 | The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF… | ||
| CVE-2018-6960 | Hig | 0.57 | 8.8 | 0.03 | Apr 20, 2018 | VMware Horizon DaaS (7.x before 8.0.0) contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS. |
- risk 0.57cvss 8.8epss 0.02
As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are…
- risk 0.57cvss 9.8epss 0.04
python-requests-Kerberos through 0.5 does not handle mutual authentication
- risk 0.57cvss 9.8epss 0.02
Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can append arbitrary session id that will not be invalidated by subsequent authentication.
- risk 0.57cvss 9.8epss 0.03
Improper authentication is possible in Apache Traffic Control versions 3.0.0 and 3.0.1 if LDAP is enabled for login in the Traffic Ops API component. Given a username for a user that can be authenticated via LDAP, it is possible to improperly authenticate as that user without…
- risk 0.57cvss 9.8epss 0.01
Contao 4.7 allows Use of a Key Past its Expiration Date.
- risk 0.57cvss 9.8epss 0.05
SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).
- risk 0.57cvss 9.8epss 0.02
Due to incorrect access control in Neo4j Enterprise Database Server 3.4.x before 3.4.9, the setting of LDAP for authentication with STARTTLS, and System Account for authorization, allows an attacker to log into the server by sending any valid username with an arbitrary password.
- risk 0.57cvss 9.1epss 0.26
Authentication bypass vulnerability in portal/account/register.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker to access (1) portal/add_edit_event_user.php, (2) portal/find_appt_popup_user.php, (3) portal/get_allergies.php, (4) portal/get_amendments.php, (5)…
- risk 0.57cvss 8.8epss 0.01
Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication.
- risk 0.57cvss 8.8epss 0.01
It was found that there were no permission checks performed in the Distributed Fork plugin before and including 1.5.0 for Jenkins that provides the dist-fork CLI command beyond the basic check for Overall/Read permission, allowing anyone with that permission to run arbitrary…
- risk 0.57cvss 8.8epss 0.02
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user…
- risk 0.57cvss 8.8epss 0.01
TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in…
- risk 0.57cvss 9.8epss 0.02
An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a "null" password and valid username, which triggers an…
- risk 0.57cvss 8.8epss 0.01
There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information…
- risk 0.57cvss 8.8epss 0.01
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a privilege escalation vulnerability. A remote attacker may send some specially crafted login messages to the affected products. Due to improper authentication design, successful exploit enables…
- risk 0.57cvss 8.8epss 0.01
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be used to send commands to the car (different for every vendor / car product line /…
- risk 0.57cvss 9.8epss 0.03
When attempting to allow authentication mode `try` in hapi, hapi-auth-jwt2 version 5.1.1 introduced an issue whereby people could bypass authentication.
- risk 0.57cvss 8.8epss 0.01
Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause…
- risk 0.57cvss 8.8epss 0.01
The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF…
- risk 0.57cvss 8.8epss 0.03
VMware Horizon DaaS (7.x before 8.0.0) contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS.