VYPR

CWE-287

Improper Authentication

ClassDraftLikelihood: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 30 of 121
  • CVE-2023-2706HigMay 17, 2023
    risk 0.53cvss 8.1epss 0.02

    The OTP Login Woocommerce & Gravity Forms plugin for WordPress is vulnerable to authentication bypass. This is due to the fact that when generating OTP codes for users to use in order to login via phone number, the plugin returns these codes in an AJAX response. This makes it…

  • CVE-2020-13933HigAug 17, 2020
    risk 0.53cvss 7.5epss 0.48

    Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass.

  • CVE-2018-17341HigSep 23, 2018
    risk 0.53cvss 8.1epss 0.02

    BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is enabled, allows remote attackers to bypass authentication via a ..\ substring, as demonstrated by a launch.php?bigtree_htaccess_url=admin/images/..\ URI.

  • CVE-2018-11787HigSep 18, 2018
    risk 0.53cvss 8.1epss 0.03

    In Apache Karaf version prior to 3.0.9, 4.0.9, 4.1.1, when the webconsole feature is installed in Karaf, it is available at .../system/console and requires authentication to access it. One part of the console is a Gogo shell/console that gives access to the command line console…

  • CVE-2018-15478HigAug 30, 2018
    risk 0.53cvss 8.1epss 0.01

    An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. The process of registering a device with a cloud…

  • CVE-2018-3761HigJul 5, 2018
    risk 0.53cvss 8.1epss 0.02

    Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token endpoint. Missing checks potentially allowed handing out new tokens in case the OAuth2 client was partly compromised.

  • CVE-2018-10641HigMay 4, 2018
    risk 0.53cvss 8.1epss 0.02

    D-Link DIR-601 A1 1.02NA devices do not require the old password for a password change, which occurs in cleartext.

  • CVE-2014-0927HigApr 20, 2018
    risk 0.53cvss 8.1epss 0.02

    The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to bypass authentication by leveraging knowledge of the port number and webapp path. IBM X-Force ID: 92259.

  • CVE-2017-18223HigMar 10, 2018
    risk 0.53cvss 8.1epss 0.01

    BMC Remedy AR System before 9.1 SP3, when Remedy AR Authentication is enabled, allows attackers to obtain administrative access.

  • CVE-2018-7236HigMar 9, 2018
    risk 0.53cvss 8.1epss 0.01

    A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could enable SSH service due to lack of authentication for /login/bin/set_param could enable SSH service.

  • CVE-2018-7745HigMar 7, 2018
    risk 0.53cvss 7.5epss 0.13

    An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/install/installation/createuserinfo requests, resulting in account creation.

  • CVE-2017-15135HigJan 24, 2018
    risk 0.53cvss 8.1epss 0.04

    It was found that 389-ds-base since 1.3.6.1 up to and including 1.4.0.3 did not always handle internal hash comparison operations correctly during the authentication process. A remote, unauthenticated attacker could potentially use this flaw to bypass the authentication process…

  • CVE-2014-6435HigJan 12, 2018
    risk 0.53cvss 7.5epss 0.13

    cgi-bin/AZ_Retrain.cgi in Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices does not check for authentication, which allows remote attackers to cause a denial of service (WAN connectivity reset) via a direct request.

  • CVE-2017-16953HigDec 1, 2017
    risk 0.53cvss 7.5epss 0.11

    connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic Authentication, which allows remote attackers to modify the PPPoE configuration or set up a malicious configuration via a GET request.

  • CVE-2017-2914HigNov 7, 2017
    risk 0.53cvss 8.1epss 0.02

    An exploitable authentication bypass vulnerability exists in the API daemon of Circle with Disney running firmware 2.0.1. A specially crafted token can bypass the authentication routine of the Apid binary, causing the device to grant unintended administrative access. An attacker…

  • CVE-2017-10873HigNov 2, 2017
    risk 0.53cvss 8.1epss 0.03

    OpenAM (Open Source Edition) allows an attacker to bypass authentication and access unauthorized contents via unspecified vectors. Note that this vulnerability affects OpenAM (Open Source Edition) implementations configured as SAML 2.0IdP, and switches authentication methods…

  • CVE-2017-9625HigOct 17, 2017
    risk 0.53cvss 8.2epss 0.02

    An Improper Authentication issue was discovered in Envitech EnviDAS Ultimate Versions prior to v1.0.0.5. The web application lacks proper authentication which could allow an attacker to view information and modify settings or execute code remotely.

  • CVE-2017-14337HigSep 12, 2017
    risk 0.53cvss 8.1epss 0.01

    When MISP before 2.4.80 is configured with X.509 certificate authentication (CertAuth) in conjunction with a non-MISP external user management ReST API, if an external user provides X.509 certificate authentication and this API returns an empty value, the unauthenticated user…

  • CVE-2017-14032HigAug 30, 2017
    risk 0.53cvss 8.1epss 0.01

    ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped…

  • CVE-2017-9857HigAug 5, 2017
    risk 0.53cvss 8.1epss 0.01

    An issue was discovered in SMA Solar Technology products. The SMAdata2+ communication protocol does not properly use authentication with encryption: it is vulnerable to man in the middle, packet injection, and replay attacks. Any setting change, authentication packet, scouting…