VYPR

CWE-287

Improper Authentication

ClassDraftLikelihood: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 25 of 121
  • CVE-2017-2871HigApr 17, 2018
    risk 0.57cvss 8.8epss 0.01

    Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. An attacker who is in the same subnetwork of the camera or has remote administrator access can fully compromise the device by performing a…

  • CVE-2018-0195HigMar 28, 2018
    risk 0.57cvss 8.8epss 0.01

    A vulnerability in the Cisco IOS XE Software REST API could allow an authenticated, remote attacker to bypass API authorization checks and use the API to perform privileged actions on an affected device. The vulnerability is due to insufficient authorization checks for requests…

  • CVE-2018-9105HigMar 27, 2018
    risk 0.57cvss 8.8epss 0.03

    NordVPN 3.3.10 for macOS suffers from a root privilege escalation vulnerability. The vulnerability stems from its privileged helper tool's implemented XPC service. This XPC service is responsible for receiving and processing new OpenVPN connection requests from the main…

  • CVE-2018-7749CriMar 12, 2018
    risk 0.57cvss 9.8epss 0.02

    The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step.

  • CVE-2017-18179HigFeb 12, 2018
    risk 0.57cvss 8.8epss 0.03

    Progress Sitefinity 9.1 uses wrap_access_token as a non-expiring authentication token that remains valid after a password change or a session termination. Also, it is transmitted as a GET parameter. This is fixed in 10.1.

  • CVE-2018-6569HigFeb 6, 2018
    risk 0.57cvss 8.8epss 0.02

    West Wind Web Server 6.x does not require authentication for /ADMIN.ASP.

  • CVE-2018-4836HigJan 25, 2018
    risk 0.57cvss 8.8epss 0.02

    A vulnerability has been identified in TeleControl Server Basic < V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic's port 8000/tcp could escalate his privileges and perform administrative operations.

  • CVE-2017-16590HigJan 23, 2018
    risk 0.57cvss 8.8epss 0.03

    This vulnerability allows remote attackers to bypass authentication on vulnerable installations of NetGain Systems Enterprise Manager 7.2.699 build 1001. User interaction is required to exploit this vulnerability. The specific flaw exists within the MainFilter servlet. The issue…

  • CVE-2017-12695HigJan 9, 2018
    risk 0.57cvss 8.8epss 0.02

    An Improper Authentication issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to subvert security mechanisms and reset a user account password.

  • CVE-2014-0121CriDec 29, 2017
    risk 0.57cvss 9.8epss 0.04

    The admin terminal in Hawt.io does not require authentication, which allows remote attackers to execute arbitrary commands via the k parameter.

  • CVE-2017-16689HigDec 12, 2017
    risk 0.57cvss 8.8epss 0.01

    A Trusted RFC connection in SAP KERNEL 32NUC, SAP KERNEL 32Unicode, SAP KERNEL 64NUC, SAP KERNEL 64Unicode 7.21, 7.21EXT, 7.22, 7.22EXT; SAP KERNEL from 7.21 to 7.22, 7.45, 7.49, can be established to a different client or a different user on the same system, although no…

  • CVE-2017-17435HigDec 7, 2017
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An attacker can remotely unlock any safe in this product line without a valid PIN code. Even though the phone application requires it and there is a field to supply the PIN code in an…

  • CVE-2017-0910HigNov 27, 2017
    risk 0.57cvss 8.8epss 0.01

    In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation system lets an authorized user of one realm on the server create a user account on any other realm.

  • CVE-2017-8195HigNov 22, 2017
    risk 0.57cvss 8.8epss 0.01

    The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message.

  • CVE-2017-8194HigNov 22, 2017
    risk 0.57cvss 8.8epss 0.01

    The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message.

  • CVE-2017-16613CriNov 21, 2017
    risk 0.57cvss 9.8epss 0.08

    An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving (unhashed) tokens retrieved from the Swauth middleware authentication mechanism to a log file as part of a…

  • CVE-2017-9314HigNov 13, 2017
    risk 0.57cvss 8.8epss 0.01

    Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102. Attacker could exploit this vulnerability to gain access to additional operations by means of forging json message.

  • CVE-2017-5192HigSep 26, 2017
    risk 0.57cvss 8.8epss 0.02

    When using the local_batch client from salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2, external authentication is not respected, enabling all authentication to be bypassed.

  • CVE-2015-8332HigAug 28, 2017
    risk 0.57cvss 8.8epss 0.01

    Huawei Video Content Management (VCM) before V100R001C10SPC001 does not properly "authenticate online user identities and privileges," which allows remote authenticated users to gain privileges and perform a case operation as another user via a crafted message, aka "Horizontal…

  • CVE-2017-7557HigAug 22, 2017
    risk 0.57cvss 8.8epss 0.01

    dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API potentially allowing CSRF attack.