VYPR

CWE-287

Improper Authentication

Abstraction: Class · Status: Draft · Likelihood of exploit: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 35 of 121
  • CVE-2022-39267 · High · Oct 19, 2022
    risk 0.50 · cvss 8.8 · epss 0.01

    Bifrost is a heterogeneous middleware that synchronizes MySQL, MariaDB to Redis, MongoDB, ClickHouse, MySQL and other services for production environments. Versions prior to 1.8.8-release are subject to authentication bypass in the admin and monitor user groups by deleting the…

  • CVE-2022-31020 · High · Sep 6, 2022
    risk 0.50 · cvss 8.8 · epss 0.02

    Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In versions 1.12.4 and prior, the `pool-upgrade` request handler in Indy-Node allows an improperly authenticated attacker to remotely execute code on nodes within the network. The…

  • CVE-2022-23652 · High · Feb 22, 2022
    risk 0.50 · cvss 8.8 · epss 0.01

    capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious `Connection` header to start a privilege escalation attack towards the Kubernetes…

  • CVE-2021-32691 · High · Jun 16, 2021
    risk 0.50 · cvss 8.8 · epss 0.01

    Apollos Apps is an open source platform for launching church-related apps. In Apollos Apps versions prior to 2.20.0, new user registrations are able to access anyone's account by only knowing their basic profile information (name, birthday, gender, etc). This includes all app…

  • CVE-2021-26073 · High · Apr 16, 2021
    risk 0.50 · cvss 7.7 · epss 0.01

    Broken Authentication in Atlassian Connect Express (ACE) from version 3.0.2 before version 6.6.0: Atlassian Connect Express is a Node.js package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Express app occurs with a…

  • CVE-2017-11430 · High · Apr 17, 2019
    risk 0.50 · cvss 7.7 · epss 0.02

    OmniAuth OmnitAuth-SAML 1.9.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to…

  • CVE-2017-11429 · High · Apr 17, 2019
    risk 0.50 · cvss 7.7 · epss 0.02

    Clever saml2-js 2.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass…

  • CVE-2017-11428 · High · Apr 17, 2019
    risk 0.50 · cvss 7.7 · epss 0.03

    OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially…

  • CVE-2018-8171 · High · Jul 11, 2018
    risk 0.50 · cvss 7.5 · epss 0.10

    A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated, aka "ASP.NET Security Feature Bypass Vulnerability." This affects ASP.NET, ASP.NET Core 1.1, ASP.NET Core 1.0, ASP.NET Core 2.0, ASP.NET MVC 5.2.

  • CVE-2017-1000354 · High · Jan 29, 2018
    risk 0.50 · cvss 8.8 · epss 0.01

    Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to a login command which allowed impersonating any Jenkins user. The `login` command available in the remoting-based CLI stored the encrypted user name of the successfully authenticated user in a…

  • CVE-2016-4953 · High · Jul 5, 2016
    risk 0.50 · cvss 7.5 · epss 0.17

    ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.

  • CVE-2016-2076 · High · Apr 15, 2016
    risk 0.50 · cvss 7.6 · epss 0.01

    Client Integration Plugin (CIP) in VMware vCenter Server 5.5 U3a, U3b, and U3c and 6.0 before U2; vCloud Director 5.5.5; and vRealize Automation Identity Appliance 6.2.4 before 6.2.4.1 mishandles session content, which allows remote attackers to hijack sessions via a crafted web…

  • CVE-2026-8293 · High · Jun 2, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    The Really Simple Security WordPress plugin before 9.5.10.1 does not enforce the second-factor challenge in two of its two-factor authentication REST endpoints, allowing an attacker who knows a user's password to obtain a WordPress authentication session for that user without…

  • CVE-2026-40964 · High · Jun 1, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    Authentication Bypass in cf-auth-proxy in Cloud Foundry Foundation all installations allows an unauthenticated remote attacker to gain read access to every log and metric for every application and platform component via minting a JWT that the cf-auth-proxy accepts as a valid…

  • CVE-2026-48897 · High · May 26, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    Insufficient state checks lead to a vector that allows to bypass 2FA checks.

  • CVE-2026-48896 · High · May 26, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    Insufficient state checks lead to a vector that allows to bypass 2FA checks.

  • CVE-2026-23708 · High · Apr 14, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    An improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication via…

  • CVE-2026-40177 · High · Apr 10, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if 2FA was activated, it was possible to bypass the password authentication. This vulnerability is fixed in 0.112.

  • CVE-2024-21635 · High · Nov 14, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    Memos is a privacy-first, lightweight note-taking service that uses Access Tokens to authenticate application access. When a user changes their password, the existing list of Access Tokens stays valid instead of expiring. If a user finds that their account has been compromised,…

  • CVE-2025-20083 · High · May 13, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    Improper authentication in the firmware for the Intel(R) Slim Bootloader may allow a privileged user to potentially enable escalation of privilege via local access.