VYPR

CWE-287

Improper Authentication

Class · Draft · Likelihood: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 32 of 121
  • CVE-2026-34873 · Critical · Apr 1, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session.

  • CVE-2025-53786 · High · Aug 6, 2025
    risk 0.52 · cvss 8.0 · epss 0.07

    On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments and accompanying non-security Hot Fix. Microsoft made these changes in the general interest of improving the security of hybrid Exchange deployments. Following further investigation,…

  • CVE-2025-47275 · Critical · May 15, 2025
    risk 0.52 · cvss 9.1 · epss 0.00

    Auth0-PHP provides the PHP SDK for Auth0 Authentication and Management APIs. Starting in version 8.0.0-BETA1 and prior to version 8.14.0, session cookies of applications using the Auth0-PHP SDK configured with CookieStore have authentication tags that can be brute forced, which…

  • CVE-2025-24895 · Critical · Feb 18, 2025
    risk 0.52 · cvss 9.1 · epss 0.01

    CIE.AspNetCore.Authentication is an AspNetCore Remote Authenticator for CIE 3.0. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: 1. Identity Provider (IDP): the system that authenticates users and provides identity information (SAML…

  • CVE-2025-24894 · Critical · Feb 18, 2025
    risk 0.52 · cvss 9.1 · epss 0.01

    SPID.AspNetCore.Authentication is an AspNetCore Remote Authenticator for SPID. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: Identity Provider (IDP): the system that authenticates users and provides identity information (SAML…

  • CVE-2025-22146 · Critical · Jan 15, 2025
    risk 0.52 · cvss 9.1 · epss 0.01

    Sentry is a developer-first error tracking and performance monitoring tool. A critical vulnerability was discovered in the SAML SSO implementation of Sentry. It was reported to us via our private bug bounty program. The vulnerability allows an attacker to take over any user…

  • CVE-2024-25128 · Critical · Feb 29, 2024
    risk 0.52 · cvss 9.1 · epss 0.01

    Flask-AppBuilder is an application development framework, built on top of Flask. When Flask-AppBuilder is set to AUTH_TYPE AUTH_OID, it allows an attacker to forge an HTTP request, that could deceive the backend into using any requested OpenID service. This vulnerability could…

  • CVE-2024-22206 · Critical · Jan 12, 2024
    risk 0.52 · cvss 9.0 · epss 0.01

    Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.

  • CVE-2023-37471 · Critical · Jul 20, 2023
    risk 0.52 · cvss 9.1 · epss 0.01

    Open Access Management (OpenAM) is an access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security. OpenAM up to version 14.7.2 does not properly validate the signature of SAML responses received as part of the…

  • CVE-2023-27582 · Critical · Mar 13, 2023
    risk 0.52 · cvss 9.1 · epss 0.01

    maddy is a composable, all-in-one mail server. Starting with version 0.2.0 and prior to version 0.6.3, maddy allows a full authentication bypass if SASL authorization username is specified when using the PLAIN authentication mechanisms. Instead of validating the specified…

  • CVE-2020-36569 · Critical · Dec 27, 2022
    risk 0.52 · cvss 9.1 · epss 0.01

    Authentication is globally bypassed in github.com/nanobox-io/golang-nanoauth between v0.0.0-20160722212129-ac0cc4484ad4 and v0.0.0-20200131131040-063a3fb69896 if ListenAndServe is called with an empty token.

  • CVE-2022-47408 · Critical · Dec 14, 2022
    risk 0.52 · cvss 9.1 · epss 0.01

    An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people.

  • CVE-2022-41912 · Critical · Nov 28, 2022
    risk 0.52 · cvss 9.1 · epss 0.02

    The crewjam/saml go library prior to version 0.4.9 is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements. This issue has been corrected in version 0.4.9. There are no workarounds other than upgrading to a fixed version.

  • CVE-2022-39387 · Critical · Nov 4, 2022
    risk 0.52 · cvss 9.1 · epss 0.01

    XWiki OIDC has various tools to manipulate OpenID Connect protocol in XWiki. Prior to version 1.29.1, even if a wiki has an OpenID provider configured through its xwiki.properties, it is possible to provide a third party provider its details through request parameters. One can…

  • CVE-2021-3850 · Critical · Jan 25, 2022
    risk 0.52 · cvss 9.1 · epss 0.02

    Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.

  • CVE-2020-10594 · Critical · Mar 15, 2020
    risk 0.52 · cvss 9.1 · epss 0.01

    An issue was discovered in drf-jwt 1.15.x before 1.15.1. It allows attackers with access to a notionally invalidated token to obtain a new, working token via the refresh endpoint, because the blacklist protection mechanism is incompatible with the token-refresh feature. NOTE:…

  • CVE-2019-17134 · Critical · Oct 8, 2019
    risk 0.52 · cvss 9.1 · epss 0.02

    Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the…

  • CVE-2018-1112 · High · Apr 25, 2018
    risk 0.52 · cvss 8.0 · epss 0.02

    glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.

  • CVE-2017-10784 · High · Sep 19, 2017
    risk 0.52 · cvss 8.8 · epss 0.16

    The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name.

  • CVE-2017-7314 · High · Jun 7, 2017
    risk 0.52 · cvss 7.5 · epss 0.03

    An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, while creating a new role, a list of database tables and their columns is available.