CWE-287
Improper Authentication
Description
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94
CVEs mapped to this weakness (2,419)
page 49 of 121| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-24901 | Hig | 0.42 | 7.5 | 0.01 | May 4, 2022 | Improper validation of the Apple certificate URL in the Apple Game Center authentication adapter allows attackers to bypass authentication, making the server vulnerable to DoS attacks. The vulnerability has been fixed by improving the URL validation and adding additional checks… | ||
| CVE-2022-23635 | Hig | 0.42 | 7.5 | 0.02 | Feb 22, 2022 | Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, `istiod`, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane… | ||
| CVE-2021-31606 | — | Hig | 0.42 | 7.5 | 0.02 | Sep 27, 2021 | furlongm openvpn-monitor through 1.1.3 allows Authorization Bypass to disconnect arbitrary clients. | |
| CVE-2021-22004 | — | Med | 0.42 | 6.4 | 0.00 | Sep 8, 2021 | An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion… | |
| CVE-2020-26136 | — | Med | 0.42 | 6.5 | 0.01 | Jun 8, 2021 | In SilverStripe through 4.6.0-rc1, GraphQL doesn't honour MFA (multi-factor authentication) when using basic authentication. | |
| CVE-2021-26074 | Med | 0.42 | 6.5 | 0.01 | Apr 16, 2021 | Broken Authentication in Atlassian Connect Spring Boot (ACSB) from version 1.1.0 before version 2.1.3: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot… | ||
| CVE-2021-21403 | Hig | 0.42 | 7.5 | 0.01 | Mar 26, 2021 | In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. All users are impacted. This is fixed in version 1.3.21. | ||
| CVE-2021-25834 | — | Hig | 0.42 | 7.5 | 0.01 | Feb 8, 2021 | Cosmos Network Ethermint <= v0.4.0 is affected by a transaction replay vulnerability in the EVM module. If the victim sends a very large nonce transaction, the attacker can replay the transaction through the application. | |
| CVE-2021-3282 | — | Hig | 0.42 | 7.5 | 0.01 | Feb 1, 2021 | HashiCorp Vault Enterprise 1.6.0 & 1.6.1 allowed the `remove-peer` raft operator command to be executed against DR secondaries without authentication. Fixed in 1.6.2. | |
| CVE-2021-26118 | — | Hig | 0.42 | 7.5 | 0.04 | Jan 27, 2021 | While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in… | |
| CVE-2021-3116 | — | Hig | 0.42 | 7.5 | 0.02 | Jan 11, 2021 | before_upstream_connection in AuthPlugin in http/proxy/auth.py in proxy.py before 2.3.1 accepts incorrect Proxy-Authorization header data because of a boolean confusion (and versus or). | |
| CVE-2020-26160 | — | Hig | 0.42 | 7.5 | 0.02 | Sep 30, 2020 | jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is… | |
| CVE-2020-15136 | Med | 0.42 | 6.5 | 0.02 | Aug 6, 2020 | In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the… | ||
| CVE-2019-20894 | — | Hig | 0.42 | 7.5 | 0.02 | Jul 2, 2020 | Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERR_BAD_SSL_CLIENT_AUTH_CERT should have occurred. | |
| CVE-2013-4593 | — | Hig | 0.42 | 7.5 | 0.02 | Dec 11, 2019 | RubyGem omniauth-facebook has an access token security vulnerability | |
| CVE-2019-18848 | — | Hig | 0.42 | 7.5 | 0.01 | Nov 12, 2019 | The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. | |
| CVE-2013-5123 | — | Med | 0.42 | 5.9 | 0.08 | Nov 5, 2019 | The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks. | |
| CVE-2019-10911 | — | Hig | 0.42 | 7.5 | 0.01 | May 16, 2019 | In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related… | |
| CVE-2018-15542 | Med | 0.42 | 6.4 | 0.00 | Oct 9, 2018 | An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary… | ||
| CVE-2018-0505 | Med | 0.42 | 6.5 | 0.02 | Oct 4, 2018 | Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock |
- risk 0.42cvss 7.5epss 0.01
Improper validation of the Apple certificate URL in the Apple Game Center authentication adapter allows attackers to bypass authentication, making the server vulnerable to DoS attacks. The vulnerability has been fixed by improving the URL validation and adding additional checks…
- risk 0.42cvss 7.5epss 0.02
Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, `istiod`, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane…
- risk 0.42cvss 7.5epss 0.02
furlongm openvpn-monitor through 1.1.3 allows Authorization Bypass to disconnect arbitrary clients.
- risk 0.42cvss 6.4epss 0.00
An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion…
- risk 0.42cvss 6.5epss 0.01
In SilverStripe through 4.6.0-rc1, GraphQL doesn't honour MFA (multi-factor authentication) when using basic authentication.
- risk 0.42cvss 6.5epss 0.01
Broken Authentication in Atlassian Connect Spring Boot (ACSB) from version 1.1.0 before version 2.1.3: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot…
- risk 0.42cvss 7.5epss 0.01
In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. All users are impacted. This is fixed in version 1.3.21.
- risk 0.42cvss 7.5epss 0.01
Cosmos Network Ethermint <= v0.4.0 is affected by a transaction replay vulnerability in the EVM module. If the victim sends a very large nonce transaction, the attacker can replay the transaction through the application.
- risk 0.42cvss 7.5epss 0.01
HashiCorp Vault Enterprise 1.6.0 & 1.6.1 allowed the `remove-peer` raft operator command to be executed against DR secondaries without authentication. Fixed in 1.6.2.
- risk 0.42cvss 7.5epss 0.04
While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in…
- risk 0.42cvss 7.5epss 0.02
before_upstream_connection in AuthPlugin in http/proxy/auth.py in proxy.py before 2.3.1 accepts incorrect Proxy-Authorization header data because of a boolean confusion (and versus or).
- risk 0.42cvss 7.5epss 0.02
jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is…
- risk 0.42cvss 6.5epss 0.02
In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the…
- risk 0.42cvss 7.5epss 0.02
Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERR_BAD_SSL_CLIENT_AUTH_CERT should have occurred.
- risk 0.42cvss 7.5epss 0.02
RubyGem omniauth-facebook has an access token security vulnerability
- risk 0.42cvss 7.5epss 0.01
The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string.
- risk 0.42cvss 5.9epss 0.08
The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks.
- risk 0.42cvss 7.5epss 0.01
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related…
- risk 0.42cvss 6.4epss 0.00
An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary…
- risk 0.42cvss 6.5epss 0.02
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock