VYPR

CWE-287

Improper Authentication

ClassDraftLikelihood: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 34 of 121
  • CVE-2015-7974HigJan 26, 2016
    risk 0.51cvss 7.7epss 0.06

    NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."

  • CVE-2026-49443HigJun 2, 2026
    risk 0.50cvss 8.8epss 0.00

    authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, an attacker with the ability to change a source connection, and an account in one of the configured sources can log into any account. This issue has been patched in versions…

  • CVE-2026-40165HigMay 21, 2026
    risk 0.50cvss 8.7epss 0.00

    authentik is an open-source identity provider. Versions 2025.12.4 and prior, and versions 2026.2.0-rc1 through 2026.2.2 were vulnerable to Authentication Bypass through SAML NameID XML Comment Injection. Due to how authentik extracted the NameID value from a SAML assertion, it…

  • CVE-2026-8621HigMay 14, 2026
    risk 0.50cvss 8.8epss 0.00

    Crabbox prior to v0.12.0 contains an authentication bypass vulnerability that allows non-admin shared-token callers to impersonate other owners or organizations by spoofing identity headers. Attackers can inject malicious X-Crabbox-Owner and X-Crabbox-Org headers in requests…

  • CVE-2026-33175HigApr 3, 2026
    risk 0.50cvss 8.8epss 0.00

    OAuthenticator is software that allows OAuth2 identity providers to be plugged in and used with JupyterHub. Prior to version 17.4.0, an authentication bypass vulnerability in oauthenticator allows an attacker with an unverified email address on an Auth0 tenant to login to…

  • CVE-2026-33898HigMar 27, 2026
    risk 0.50cvss 8.8epss 0.00

    Incus is a system container and virtual machine manager. Prior to version 6.23.0, the web server spawned by `incus webui` incorrectly validates the authentication token such that an invalid value will be accepted. `incus webui` runs a local web server on a random localhost port.…

  • CVE-2025-61679HigOct 3, 2025
    risk 0.50cvss 7.7epss 0.00

    Anyquery is an SQL query engine built on top of SQLite. Versions 0.4.3 and below allow attackers who have already gained access to localhost, even with low privileges, to use the http server through the port unauthenticated, and access private integration data like emails,…

  • CVE-2025-54888HigAug 9, 2025
    risk 0.50cvss epss 0.01

    Fedify is a TypeScript library for building federated server apps powered by ActivityPub. In versions below 1.3.20, 1.4.0-dev.585 through 1.4.12, 1.5.0-dev.636 through 1.5.4, 1.6.0-dev.754 through 1.6.7, 1.7.0-pr.251.885 through 1.7.8 and 1.8.0-dev.909 through 1.8.4, an…

  • CVE-2025-2230HigMar 13, 2025
    risk 0.50cvss 7.7epss 0.00

    A flaw exists in the Windows login flow where an AuthContext token can be exploited for replay attacks and authentication bypass.

  • CVE-2024-55954HigJan 16, 2025
    risk 0.50cvss 8.7epss 0.00

    OpenObserve is a cloud-native observability platform. A vulnerability in the user management endpoint `/api/{org_id}/users/{email_id}` allows an "Admin" role user to remove a "Root" user from the organization. This violates the intended privilege hierarchy, enabling a non-root…

  • CVE-2024-49376HigOct 25, 2024
    risk 0.50cvss 8.8epss 0.00

    Autolab, a course management service that enables auto-graded programming assignments, has misconfigured reset password permissions in version 3.0.0. For email-based accounts, users with insufficient privileges could reset and theoretically access privileged users' accounts by…

  • CVE-2024-47080HigOct 15, 2024
    risk 0.50cvss epss 0.01

    matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. In matrix-js-sdk versions versions 9.11.0 through 34.7.0, the method `MatrixClient.sendSharedHistoryKeys` is vulnerable to interception by malicious homeservers. The method was introduced by MSC3061)…

  • CVE-2024-9313HigOct 3, 2024
    risk 0.50cvss 8.8epss 0.01

    Authd PAM module before version 0.3.5 can allow broker-managed users to impersonate any other user managed by the same broker and perform any PAM operation with it, including authenticating as them.

  • CVE-2024-27923HigMar 21, 2024
    risk 0.50cvss 8.8epss 0.01

    Grav is a content management system (CMS). Prior to version 1.7.43, users who may write a page may use the `frontmatter` feature due to insufficient permission validation and inadequate file name validation. This may lead to remote code execution. Version 1.7.43 fixes this issue.

  • CVE-2022-39267HigOct 19, 2022
    risk 0.50cvss 8.8epss 0.01

    Bifrost is a heterogeneous middleware that synchronizes MySQL, MariaDB to Redis, MongoDB, ClickHouse, MySQL and other services for production environments. Versions prior to 1.8.8-release are subject to authentication bypass in the admin and monitor user groups by deleting the…

  • CVE-2022-31020HigSep 6, 2022
    risk 0.50cvss 8.8epss 0.02

    Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In versions 1.12.4 and prior, the `pool-upgrade` request handler in Indy-Node allows an improperly authenticated attacker to remotely execute code on nodes within the network. The…

  • CVE-2022-23652HigFeb 22, 2022
    risk 0.50cvss 8.8epss 0.01

    capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious `Connection` header to start a privilege escalation attack towards the Kubernetes…

  • CVE-2021-32691HigJun 16, 2021
    risk 0.50cvss 8.8epss 0.01

    Apollos Apps is an open source platform for launching church-related apps. In Apollos Apps versions prior to 2.20.0, new user registrations are able to access anyone's account by only knowing their basic profile information (name, birthday, gender, etc). This includes all app…

  • CVE-2021-26073HigApr 16, 2021
    risk 0.50cvss 7.7epss 0.01

    Broken Authentication in Atlassian Connect Express (ACE) from version 3.0.2 before version 6.6.0: Atlassian Connect Express is a Node.js package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Express app occurs with a…

  • CVE-2017-11430HigApr 17, 2019
    risk 0.50cvss 7.7epss 0.02

    OmniAuth OmnitAuth-SAML 1.9.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to…