CWE-287
Improper Authentication
Description
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94
CVEs mapped to this weakness (2,419)
page 33 of 121| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-8827 | Cri | 0.52 | 9.1 | 0.02 | May 8, 2017 | forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service (login inability) or possibly conduct Arbitrary User Password Reset attacks via a series of requests. | ||
| CVE-2017-8223 | Hig | 0.52 | 7.5 | 0.04 | Apr 25, 2017 | On Wireless IP Camera (P2P) WIFICAM devices, an attacker can use the RTSP server on port 10554/tcp to watch the streaming without authentication via tcp/av0_1 or tcp/av0_0. | ||
| CVE-2017-6104 | Hig | 0.52 | 7.5 | 0.07 | Mar 2, 2017 | Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0. | ||
| CVE-2026-26128 | Hig | 0.51 | 7.8 | 0.00 | Mar 10, 2026 | Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-1368 | — | Hig | 0.51 | 7.5 | 0.01 | Feb 18, 2026 | The Video Conferencing with Zoom WordPress plugin before 4.6.6 contains an AJAX handler that has its nonce verification commented out, allowing unauthenticated attackers to generate valid Zoom SDK signatures for any meeting ID and retrieve the site's Zoom SDK key. | |
| CVE-2025-10672 | Hig | 0.51 | 7.8 | 0.00 | Sep 18, 2025 | A vulnerability was found in whuan132 AIBattery up to 1.0.9. The affected element is an unknown function of the file AIBatteryHelper/XPC/BatteryXPCService.swift of the component com.collweb.AIBatteryHelper. The manipulation results in missing authentication. The attack requires… | ||
| CVE-2025-9815 | Hig | 0.51 | 7.8 | 0.00 | Sep 2, 2025 | A weakness has been identified in alaneuler batteryKid up to 2.1 on macOS. The affected element is an unknown function of the file PrivilegeHelper/PrivilegeHelper.swift of the component NSXPCListener. This manipulation causes missing authentication. It is possible to launch the… | ||
| CVE-2025-41459 | Hig | 0.51 | 7.8 | 0.00 | Jul 21, 2025 | Insufficient protection against brute-force and runtime manipulation in the local authentication component in Two App Studio Journey 5.5.6 on iOS allows local attackers to bypass biometric and PIN-based access control via repeated PIN attempts or dynamic code injection. | ||
| CVE-2024-56329 | Hig | 0.51 | — | 0.01 | Dec 20, 2024 | Socialstream is a third-party package for Laravel Jetstream. It replaces the published authentication and profile scaffolding provided by Laravel Jetstream, with scaffolding that has support for Laravel Socialite. When linking a social account to an already authenticated user,… | ||
| CVE-2018-6689 | Hig | 0.51 | 7.8 | 0.00 | Oct 3, 2018 | Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier than 10.0.510, and 11.0.x earlier than 11.0.600 allows attackers to bypass local security protection via specific conditions. | ||
| CVE-2018-6617 | Hig | 0.51 | 7.8 | 0.00 | May 11, 2018 | Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a local MySQL server, allows attackers to change passwords of arbitrary database users by leveraging failure to ask for the current password. | ||
| CVE-2018-9232 | Hig | 0.51 | 7.8 | 0.01 | May 1, 2018 | Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update. | ||
| CVE-2016-8380 | Hig | 0.51 | 7.3 | 0.11 | Apr 5, 2018 | The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication. | ||
| CVE-2016-8371 | Hig | 0.51 | 7.3 | 0.11 | Apr 5, 2018 | The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled. | ||
| CVE-2017-9946 | Hig | 0.51 | 7.5 | 0.25 | Oct 23, 2017 | A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. An attacker with network access to the integrated web server (80/tcp and 443/tcp) could bypass the authentication and download sensitive information from… | ||
| CVE-2015-8308 | Hig | 0.51 | 7.8 | 0.00 | Aug 24, 2017 | LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections. | ||
| CVE-2017-3745 | Hig | 0.51 | 7.8 | 0.00 | Jun 20, 2017 | In Lenovo XClarity Administrator (LXCA) before 1.3.0, if service data is downloaded from LXCA, a non-administrative user may have access to password information for users that have previously authenticated to the LXCA's internal LDAP server, including administrative accounts and… | ||
| CVE-2017-9552 | Hig | 0.51 | 7.8 | 0.00 | Jun 13, 2017 | A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user --auth USERNAME… | ||
| CVE-2014-9952 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist. | ||
| CVE-2016-1278 | Hig | 0.51 | 7.8 | 0.00 | Aug 5, 2016 | Juniper Junos OS before 12.1X46-D50 on SRX Series devices reverts to "safe mode" authentication and allows root CLI logins without a password after a failed upgrade to 12.1X46, which might allow local users to gain privileges by leveraging use of the "request system software"… |
- risk 0.52cvss 9.1epss 0.02
forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service (login inability) or possibly conduct Arbitrary User Password Reset attacks via a series of requests.
- risk 0.52cvss 7.5epss 0.04
On Wireless IP Camera (P2P) WIFICAM devices, an attacker can use the RTSP server on port 10554/tcp to watch the streaming without authentication via tcp/av0_1 or tcp/av0_0.
- risk 0.52cvss 7.5epss 0.07
Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0.
- risk 0.51cvss 7.8epss 0.00
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.5epss 0.01
The Video Conferencing with Zoom WordPress plugin before 4.6.6 contains an AJAX handler that has its nonce verification commented out, allowing unauthenticated attackers to generate valid Zoom SDK signatures for any meeting ID and retrieve the site's Zoom SDK key.
- risk 0.51cvss 7.8epss 0.00
A vulnerability was found in whuan132 AIBattery up to 1.0.9. The affected element is an unknown function of the file AIBatteryHelper/XPC/BatteryXPCService.swift of the component com.collweb.AIBatteryHelper. The manipulation results in missing authentication. The attack requires…
- risk 0.51cvss 7.8epss 0.00
A weakness has been identified in alaneuler batteryKid up to 2.1 on macOS. The affected element is an unknown function of the file PrivilegeHelper/PrivilegeHelper.swift of the component NSXPCListener. This manipulation causes missing authentication. It is possible to launch the…
- risk 0.51cvss 7.8epss 0.00
Insufficient protection against brute-force and runtime manipulation in the local authentication component in Two App Studio Journey 5.5.6 on iOS allows local attackers to bypass biometric and PIN-based access control via repeated PIN attempts or dynamic code injection.
- risk 0.51cvss —epss 0.01
Socialstream is a third-party package for Laravel Jetstream. It replaces the published authentication and profile scaffolding provided by Laravel Jetstream, with scaffolding that has support for Laravel Socialite. When linking a social account to an already authenticated user,…
- risk 0.51cvss 7.8epss 0.00
Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier than 10.0.510, and 11.0.x earlier than 11.0.600 allows attackers to bypass local security protection via specific conditions.
- risk 0.51cvss 7.8epss 0.00
Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a local MySQL server, allows attackers to change passwords of arbitrary database users by leveraging failure to ask for the current password.
- risk 0.51cvss 7.8epss 0.01
Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update.
- risk 0.51cvss 7.3epss 0.11
The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.
- risk 0.51cvss 7.3epss 0.11
The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.
- risk 0.51cvss 7.5epss 0.25
A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. An attacker with network access to the integrated web server (80/tcp and 443/tcp) could bypass the authentication and download sensitive information from…
- risk 0.51cvss 7.8epss 0.00
LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections.
- risk 0.51cvss 7.8epss 0.00
In Lenovo XClarity Administrator (LXCA) before 1.3.0, if service data is downloaded from LXCA, a non-administrative user may have access to password information for users that have previously authenticated to the LXCA's internal LDAP server, including administrative accounts and…
- risk 0.51cvss 7.8epss 0.00
A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user --auth USERNAME…
- risk 0.51cvss 7.8epss 0.00
In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
Juniper Junos OS before 12.1X46-D50 on SRX Series devices reverts to "safe mode" authentication and allows root CLI logins without a password after a failed upgrade to 12.1X46, which might allow local users to gain privileges by leveraging use of the "request system software"…