VYPR

CWE-287

Improper Authentication

ClassDraftLikelihood: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 44 of 121
  • CVE-2024-51997HigNov 8, 2024
    risk 0.46cvss 8.1epss 0.00

    Trustee is a set of tools and components for attesting confidential guests and providing secrets to them. The ART (**Attestation Results Token**) token, generated by AS, could be manipulated by MITM attacker, but the verifier (CoCo Verification Demander like KBS) could still…

  • CVE-2024-8642HigSep 11, 2024
    risk 0.46cvss 8.1epss 0.00

    In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance date), which can allow an attacker to bypass the check for token expiration. The…

  • CVE-2024-34103HigJun 13, 2024
    risk 0.46cvss 8.1epss 0.01

    Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access or elevated privileges within the…

  • CVE-2024-22257HigMar 18, 2024
    risk 0.46cvss 8.2epss 0.01

    In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to 5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, versions 6.2.x prior to 6.2.3, an application is possible vulnerable to broken access control when it directly uses the…

  • CVE-2023-29032HigMay 12, 2023
    risk 0.46cvss 8.1epss 0.01

    An attacker that has gained access to certain private information can use this to act as other user. Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 3.1.3 before 7.1.0

  • CVE-2022-47633HigDec 23, 2022
    risk 0.46cvss 8.1epss 0.01

    An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry (or a man-in-the-middle attacker) to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in…

  • CVE-2022-22576HigMay 26, 2022
    risk 0.46cvss 8.1epss 0.02

    An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects…

  • CVE-2022-24738HigMar 7, 2022
    risk 0.46cvss 8.1epss 0.01

    Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. In versions of evmos prior to 2.0.1 attackers are able to drain unclaimed funds from user addresses. To do this an attacker must create a new chain which does not enforce signature verification and connects…

  • CVE-2021-41265HigDec 9, 2021
    risk 0.46cvss 8.1epss 0.01

    Flask-AppBuilder is a development framework built on top of Flask. Verions prior to 3.3.4 contain an improper authentication vulnerability in the REST API. The issue allows for a malicious actor with a carefully crafted request to successfully authenticate and gain access to…

  • CVE-2021-41129HigOct 6, 2021
    risk 0.46cvss 8.1epss 0.02

    Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user can modify the contents of a `confirmation_token` input during the two-factor authentication process to reference a cache value not associated with the login attempt. In…

  • CVE-2021-39165HigAug 26, 2021
    risk 0.46cvss 8.1epss 0.10

    Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the `SearchableTrait#scopeSearch()`. Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as…

  • CVE-2020-7787HigDec 9, 2020
    risk 0.46cvss 8.2epss 0.01

    This affects all versions of package react-adal. It is possible for a specially crafted JWT token and request URL can cause the nonce, session and refresh values to be incorrectly validated, causing the application to treat an attacker-generated JWT token as authentic. The…

  • CVE-2020-15222HigSep 24, 2020
    risk 0.46cvss 8.1epss 0.01

    In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.31.0, when using "private_key_jwt" authentication the uniqueness of the `jti` value is not checked. When using client authentication method "private_key_jwt", OpenId specification says…

  • CVE-2020-1718HigMay 12, 2020
    risk 0.46cvss 7.1epss 0.01

    A flaw was found in the reset credential flow in all Keycloak versions before 8.0.0. This flaw allows an attacker to gain unauthorized access to the application.

  • CVE-2018-16886HigJan 14, 2019
    risk 0.46cvss 8.1epss 0.04

    etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid…

  • CVE-2018-13446HigAug 16, 2018
    risk 0.46cvss 7.0epss 0.00

    An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary…

  • CVE-2018-13435HigAug 16, 2018
    risk 0.46cvss 7.0epss 0.00

    An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method to disable passcode authentication. NOTE: the vendor indicates that this is not an attack of…

  • CVE-2014-3999HigApr 10, 2018
    risk 0.46cvss 8.1epss 0.03

    The Horde_Ldap library before 2.0.6 for Horde allows remote attackers to bypass authentication by leveraging knowledge of the LDAP bind user DN.

  • CVE-2017-3765HigJan 10, 2018
    risk 0.46cvss 7.0epss 0.00

    In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as "HP Backdoor" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can…

  • CVE-2017-1000489HigJan 3, 2018
    risk 0.46cvss 8.1epss 0.01

    Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow a disabled user to still login using email address