CWE-287
Improper Authentication
Description
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94
CVEs mapped to this weakness (2,419)
page 64 of 121| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-40648 | Med | 0.28 | 5.4 | 0.00 | Jul 18, 2024 | matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. The `UserIdentity::is_verified()` method in the matrix-sdk-crypto crate before version 0.7.2 doesn't take into account the verification status of the user's own identity while performing the check… | ||
| CVE-2024-27867 | Med | 0.28 | 4.3 | 0.01 | Jun 26, 2024 | An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. When your headphones are seeking a connection request to one of your previously paired devices,… | ||
| CVE-2024-37233 | Med | 0.28 | 4.3 | 0.00 | Jun 24, 2024 | Improper Authentication vulnerability in Play.Ht allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Play.Ht: from n/a through 3.6.4. | ||
| CVE-2024-37897 | Med | 0.28 | 5.4 | 0.00 | Jun 20, 2024 | SFTPGo is a full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob. SFTPGo WebAdmin and WebClient support password reset. This feature is disabled in the default configuration. In SFTPGo versions prior to v2.6.1, if the… | ||
| CVE-2024-38351 | Med | 0.28 | 5.4 | 0.00 | Jun 18, 2024 | Pocketbase is an open source web backend written in go. In affected versions a malicious user may be able to compromise other user accounts. In order to be exploited users must have both OAuth2 and Password auth methods enabled. A possible attack scenario could be: 1. a… | ||
| CVE-2024-37152 | Med | 0.28 | 5.3 | 0.02 | Jun 6, 2024 | Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The vulnerability allows unauthorized access to the sensitive settings exposed by /api/v1/settings endpoint without authentication. All sensitive settings are hidden except passwordPattern. This… | ||
| CVE-2023-4242 | Med | 0.28 | 4.3 | 0.00 | Aug 9, 2023 | The FULL - Customer plugin for WordPress is vulnerable to Information Disclosure via the /health REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows authenticated attackers with subscriber-level permissions and above to obtain sensitive… | ||
| CVE-2023-32682 | Med | 0.28 | 5.4 | 0.01 | Jun 6, 2023 | Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. In affected versions it may be possible for a deactivated user to login when using uncommon configurations. This only applies if any of the following are true: 1. JSON Web Tokens are enabled… | ||
| CVE-2022-36106 | Med | 0.28 | 5.4 | 0.01 | Sep 13, 2022 | TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the expiration time of a password reset link for TYPO3 backend users has never been evaluated. As a result, a password reset link could be used to perform a… | ||
| CVE-2022-29237 | Med | 0.28 | 5.4 | 0.01 | May 24, 2022 | Opencast is a free and open source solution for automated video capture and distribution at scale. Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current… | ||
| CVE-2022-23600 | Med | 0.28 | 5.3 | 0.01 | Feb 4, 2022 | fleet is an open source device management, built on osquery. Versions prior to 4.9.1 expose a limited ability to spoof SAML authentication with missing audience verification. This impacts deployments using SAML SSO in two specific cases: 1. A malicious or compromised Service… | ||
| CVE-2022-21692 | Med | 0.28 | 4.3 | 0.01 | Jan 18, 2022 | OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions anyone with access to the chat environment can write messages disguised as another chat participant. | ||
| CVE-2022-21695 | Med | 0.28 | 4.3 | 0.01 | Jan 18, 2022 | OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions authenticated users (or unauthenticated in public mode) can send messages without being visible in the list of… | ||
| CVE-2021-41580 | — | Med | 0.28 | 5.3 | 0.01 | Sep 27, 2021 | The passport-oauth2 package before 1.6.1 for Node.js mishandles the error condition of failure to obtain an access token. This is exploitable in certain use cases where an OAuth identity provider uses an HTTP 200 status code for authentication-failure error reports, and an… | |
| CVE-2021-26697 | Med | 0.28 | 5.3 | 0.05 | Feb 17, 2021 | The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. This allowed unauthenticated users to hit that endpoint. This is low-severity issue as the attacker needs to be aware of certain parameters to pass to that endpoint and… | ||
| CVE-2020-29662 | — | Med | 0.28 | 5.3 | 0.01 | Feb 2, 2021 | In Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2 the catalog’s registry API is exposed on an unauthenticated path. | |
| CVE-2018-1773 | Med | 0.28 | 4.3 | 0.01 | Sep 12, 2018 | IBM Datacap Fastdoc Capture 9.1.1, 9.1.3, and 9.1.4 could allow an authenticated user to bypass future authentication mechanisms once the initial login is completed. IBM X-Force ID: 148691. | ||
| CVE-2018-1999045 | — | Med | 0.28 | 5.4 | 0.01 | Aug 23, 2018 | A improper authentication vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in SecurityRealm.java, TokenBasedRememberMeServices2.java that allows attackers with a valid cookie to remain logged in even if that feature is disabled. | |
| CVE-2016-6549 | Med | 0.28 | 4.3 | 0.01 | Jul 13, 2018 | The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute. | ||
| CVE-2018-0528 | Med | 0.28 | 4.3 | 0.01 | Jun 26, 2018 | Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the schedules that are not permitted to access via unspecified vectors. |
- risk 0.28cvss 5.4epss 0.00
matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. The `UserIdentity::is_verified()` method in the matrix-sdk-crypto crate before version 0.7.2 doesn't take into account the verification status of the user's own identity while performing the check…
- risk 0.28cvss 4.3epss 0.01
An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. When your headphones are seeking a connection request to one of your previously paired devices,…
- risk 0.28cvss 4.3epss 0.00
Improper Authentication vulnerability in Play.Ht allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Play.Ht: from n/a through 3.6.4.
- risk 0.28cvss 5.4epss 0.00
SFTPGo is a full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob. SFTPGo WebAdmin and WebClient support password reset. This feature is disabled in the default configuration. In SFTPGo versions prior to v2.6.1, if the…
- risk 0.28cvss 5.4epss 0.00
Pocketbase is an open source web backend written in go. In affected versions a malicious user may be able to compromise other user accounts. In order to be exploited users must have both OAuth2 and Password auth methods enabled. A possible attack scenario could be: 1. a…
- risk 0.28cvss 5.3epss 0.02
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The vulnerability allows unauthorized access to the sensitive settings exposed by /api/v1/settings endpoint without authentication. All sensitive settings are hidden except passwordPattern. This…
- risk 0.28cvss 4.3epss 0.00
The FULL - Customer plugin for WordPress is vulnerable to Information Disclosure via the /health REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows authenticated attackers with subscriber-level permissions and above to obtain sensitive…
- risk 0.28cvss 5.4epss 0.01
Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. In affected versions it may be possible for a deactivated user to login when using uncommon configurations. This only applies if any of the following are true: 1. JSON Web Tokens are enabled…
- risk 0.28cvss 5.4epss 0.01
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the expiration time of a password reset link for TYPO3 backend users has never been evaluated. As a result, a password reset link could be used to perform a…
- risk 0.28cvss 5.4epss 0.01
Opencast is a free and open source solution for automated video capture and distribution at scale. Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current…
- risk 0.28cvss 5.3epss 0.01
fleet is an open source device management, built on osquery. Versions prior to 4.9.1 expose a limited ability to spoof SAML authentication with missing audience verification. This impacts deployments using SAML SSO in two specific cases: 1. A malicious or compromised Service…
- risk 0.28cvss 4.3epss 0.01
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions anyone with access to the chat environment can write messages disguised as another chat participant.
- risk 0.28cvss 4.3epss 0.01
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions authenticated users (or unauthenticated in public mode) can send messages without being visible in the list of…
- risk 0.28cvss 5.3epss 0.01
The passport-oauth2 package before 1.6.1 for Node.js mishandles the error condition of failure to obtain an access token. This is exploitable in certain use cases where an OAuth identity provider uses an HTTP 200 status code for authentication-failure error reports, and an…
- risk 0.28cvss 5.3epss 0.05
The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. This allowed unauthenticated users to hit that endpoint. This is low-severity issue as the attacker needs to be aware of certain parameters to pass to that endpoint and…
- risk 0.28cvss 5.3epss 0.01
In Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2 the catalog’s registry API is exposed on an unauthenticated path.
- risk 0.28cvss 4.3epss 0.01
IBM Datacap Fastdoc Capture 9.1.1, 9.1.3, and 9.1.4 could allow an authenticated user to bypass future authentication mechanisms once the initial login is completed. IBM X-Force ID: 148691.
- risk 0.28cvss 5.4epss 0.01
A improper authentication vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in SecurityRealm.java, TokenBasedRememberMeServices2.java that allows attackers with a valid cookie to remain logged in even if that feature is disabled.
- risk 0.28cvss 4.3epss 0.01
The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute.
- risk 0.28cvss 4.3epss 0.01
Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the schedules that are not permitted to access via unspecified vectors.