VYPR

CWE-287

Improper Authentication

ClassDraftLikelihood: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 64 of 121
  • CVE-2024-40648MedJul 18, 2024
    risk 0.28cvss 5.4epss 0.00

    matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. The `UserIdentity::is_verified()` method in the matrix-sdk-crypto crate before version 0.7.2 doesn't take into account the verification status of the user's own identity while performing the check…

  • CVE-2024-27867MedJun 26, 2024
    risk 0.28cvss 4.3epss 0.01

    An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. When your headphones are seeking a connection request to one of your previously paired devices,…

  • CVE-2024-37233MedJun 24, 2024
    risk 0.28cvss 4.3epss 0.00

    Improper Authentication vulnerability in Play.Ht allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Play.Ht: from n/a through 3.6.4.

  • CVE-2024-37897MedJun 20, 2024
    risk 0.28cvss 5.4epss 0.00

    SFTPGo is a full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob. SFTPGo WebAdmin and WebClient support password reset. This feature is disabled in the default configuration. In SFTPGo versions prior to v2.6.1, if the…

  • CVE-2024-38351MedJun 18, 2024
    risk 0.28cvss 5.4epss 0.00

    Pocketbase is an open source web backend written in go. In affected versions a malicious user may be able to compromise other user accounts. In order to be exploited users must have both OAuth2 and Password auth methods enabled. A possible attack scenario could be: 1. a…

  • CVE-2024-37152MedJun 6, 2024
    risk 0.28cvss 5.3epss 0.02

    Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The vulnerability allows unauthorized access to the sensitive settings exposed by /api/v1/settings endpoint without authentication. All sensitive settings are hidden except passwordPattern. This…

  • CVE-2023-4242MedAug 9, 2023
    risk 0.28cvss 4.3epss 0.00

    The FULL - Customer plugin for WordPress is vulnerable to Information Disclosure via the /health REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows authenticated attackers with subscriber-level permissions and above to obtain sensitive…

  • CVE-2023-32682MedJun 6, 2023
    risk 0.28cvss 5.4epss 0.01

    Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. In affected versions it may be possible for a deactivated user to login when using uncommon configurations. This only applies if any of the following are true: 1. JSON Web Tokens are enabled…

  • CVE-2022-36106MedSep 13, 2022
    risk 0.28cvss 5.4epss 0.01

    TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the expiration time of a password reset link for TYPO3 backend users has never been evaluated. As a result, a password reset link could be used to perform a…

  • CVE-2022-29237MedMay 24, 2022
    risk 0.28cvss 5.4epss 0.01

    Opencast is a free and open source solution for automated video capture and distribution at scale. Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current…

  • CVE-2022-23600MedFeb 4, 2022
    risk 0.28cvss 5.3epss 0.01

    fleet is an open source device management, built on osquery. Versions prior to 4.9.1 expose a limited ability to spoof SAML authentication with missing audience verification. This impacts deployments using SAML SSO in two specific cases: 1. A malicious or compromised Service…

  • CVE-2022-21692MedJan 18, 2022
    risk 0.28cvss 4.3epss 0.01

    OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions anyone with access to the chat environment can write messages disguised as another chat participant.

  • CVE-2022-21695MedJan 18, 2022
    risk 0.28cvss 4.3epss 0.01

    OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions authenticated users (or unauthenticated in public mode) can send messages without being visible in the list of…

  • CVE-2021-41580MedSep 27, 2021
    risk 0.28cvss 5.3epss 0.01

    The passport-oauth2 package before 1.6.1 for Node.js mishandles the error condition of failure to obtain an access token. This is exploitable in certain use cases where an OAuth identity provider uses an HTTP 200 status code for authentication-failure error reports, and an…

  • CVE-2021-26697MedFeb 17, 2021
    risk 0.28cvss 5.3epss 0.05

    The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. This allowed unauthenticated users to hit that endpoint. This is low-severity issue as the attacker needs to be aware of certain parameters to pass to that endpoint and…

  • CVE-2020-29662MedFeb 2, 2021
    risk 0.28cvss 5.3epss 0.01

    In Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2 the catalog’s registry API is exposed on an unauthenticated path.

  • CVE-2018-1773MedSep 12, 2018
    risk 0.28cvss 4.3epss 0.01

    IBM Datacap Fastdoc Capture 9.1.1, 9.1.3, and 9.1.4 could allow an authenticated user to bypass future authentication mechanisms once the initial login is completed. IBM X-Force ID: 148691.

  • CVE-2018-1999045MedAug 23, 2018
    risk 0.28cvss 5.4epss 0.01

    A improper authentication vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in SecurityRealm.java, TokenBasedRememberMeServices2.java that allows attackers with a valid cookie to remain logged in even if that feature is disabled.

  • CVE-2016-6549MedJul 13, 2018
    risk 0.28cvss 4.3epss 0.01

    The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute.

  • CVE-2018-0528MedJun 26, 2018
    risk 0.28cvss 4.3epss 0.01

    Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the schedules that are not permitted to access via unspecified vectors.