VYPR

CWE-287

Improper Authentication

ClassDraftLikelihood: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 55 of 121
  • CVE-2014-10067MedMay 29, 2018
    risk 0.38cvss 5.9epss 0.01

    paypal-ipn before 3.0.0 uses the `test_ipn` parameter (which is set by the PayPal IPN simulator) to determine if it should use the production PayPal site or the sandbox. With a bit of time, an attacker could craft a request using the simulator that would fool any application…

  • CVE-2018-1443MedMar 8, 2018
    risk 0.38cvss 5.9epss 0.00

    An XML parsing vulnerability affects IBM SAML-based single sign-on (SSO) systems (IBM Security Access Manager 9.0.0 - 9.0.4 and IBM Tivoli Federated Identity Manager 6.2 - 6.0.2.) This vulnerability can allow an attacker with authenticated access to trick SAML systems into…

  • CVE-2017-9475MedJul 31, 2017
    risk 0.38cvss 5.9epss 0.01

    Comcast XFINITY WiFi Home Hotspot devices allow remote attackers to spoof the identities of Comcast customers via a forged MAC address.

  • CVE-2017-6703MedJul 4, 2017
    risk 0.38cvss 5.9epss 0.02

    A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session. More Information: CSCvc90346. Known Affected Releases: 12.1.

  • CVE-2026-47166MedJun 10, 2026
    risk 0.37cvss 5.7epss 0.00

    ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process. This issue has been…

  • CVE-2026-47838MedJun 10, 2026
    risk 0.37cvss 6.8epss 0.00

    SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user. Affected versions:…

  • CVE-2026-44707MedMay 26, 2026
    risk 0.37cvss 6.8epss 0.00

    Chatwoot is a customer engagement suite. From 2.14.0 to before 4.13.0, a Pre-Account Takeover (Pre-ATO) vulnerability existed in Chatwoot's authentication flow. Because email confirmation was not enforced before an account became usable, an attacker could pre-register an email…

  • CVE-2026-41671MedMay 7, 2026
    risk 0.37cvss 6.8epss 0.00

    Admidio is an open-source user management solution. Prior to version 5.0.9, the OIDC token introspection endpoint (/modules/sso/index.php/oidc/introspect) always returns {"active": true} for every request, regardless of whether a valid token is provided, whether the token is…

  • CVE-2025-56578MedSep 10, 2025
    risk 0.37cvss 5.7epss 0.00

    An issue in RTSPtoWeb v.2.4.3 allows a remote attacker to obtain sensitive information and executearbitrary code via the lack of authentication mechanisms

  • CVE-2025-52294MedJul 1, 2025
    risk 0.37cvss 5.7epss 0.00

    Insufficient validation of the screen lock mechanism in Trust Wallet v8.45 allows physically proximate attackers to bypass the lock screen and view the wallet balance.

  • CVE-2025-32875MedJun 20, 2025
    risk 0.37cvss 5.7epss 0.00

    An issue was discovered in the COROS application through 3.8.12 for Android. Bluetooth pairing and bonding is neither initiated nor enforced by the application itself. Also, the watch does not enforce pairing and bonding. As a result, any data transmitted via BLE remains…

  • CVE-2023-50714MedDec 22, 2023
    risk 0.37cvss 6.8epss 0.00

    yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the `authCodeVerifier` should be removed after usage…

  • CVE-2023-37918MedJul 21, 2023
    risk 0.37cvss 6.8epss 0.01

    Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. A vulnerability has been found in Dapr that allows bypassing API token authentication, which is used by the Dapr sidecar to authenticate calls coming from the application, with…

  • CVE-2022-39263MedSep 28, 2022
    risk 0.37cvss 6.8epss 0.01

    `@next-auth/upstash-redis-adapter` is the Upstash Redis adapter for NextAuth.js, which provides authentication for Next.js. Applications that use `next-auth` Email Provider and `@next-auth/upstash-redis-adapter` before v3.0.2 are affected by this vulnerability. The Upstash Redis…

  • CVE-2021-3827MedAug 23, 2022
    risk 0.37cvss 6.8epss 0.01

    A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending a SOAP request with an AuthnRequest and Authorization header with the user's…

  • CVE-2022-24748MedMar 9, 2022
    risk 0.37cvss 6.8epss 0.01

    Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In versions prior to 6.4.8.2 it is possible to modify customers and to create orders without App Permission. This issue is a result of improper api route checking. Users…

  • CVE-2021-32693MedJun 17, 2021
    risk 0.37cvss 6.8epss 0.01

    Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token…

  • CVE-2020-27838MedMar 8, 2021
    risk 0.37cvss 6.5epss 0.18

    A flaw was found in keycloak in versions prior to 13.0.0. The client registration endpoint allows fetching information about PUBLIC clients (like client secret) without authentication which could be an issue if the same PUBLIC client changed to CONFIDENTIAL later. The highest…

  • CVE-2018-0087MedMar 8, 2018
    risk 0.37cvss 5.6epss 0.02

    A vulnerability in the FTP server of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to log in to the FTP server of the device without a valid password. The attacker does need to have a valid username. The vulnerability is due to incorrect…

  • CVE-2018-3815MedJan 8, 2018
    risk 0.37cvss 5.7epss 0.01

    The "XML Interface to Messaging, Scheduling, and Signaling" (XIMSS) protocol implementation in CommuniGate Pro (CGP) 6.2 suffers from a Missing XIMSS Protocol Validation attack that leads to an email spoofing attack, allowing a malicious authenticated attacker to send a message…