VYPR

CWE-287

Improper Authentication

ClassDraftLikelihood: High

Description

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-114 · CAPEC-115 · CAPEC-151 · CAPEC-194 · CAPEC-22 · CAPEC-57 · CAPEC-593 · CAPEC-633 · CAPEC-650 · CAPEC-94

CVEs mapped to this weakness (2,419)

page 67 of 121
  • CVE-2021-36368LowMar 13, 2022
    risk 0.24cvss 3.7epss 0.02

    An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether…

  • CVE-2021-39138MedAug 19, 2021
    risk 0.24cvss 4.8epss 0.01

    Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Developers can use the REST API to signup users and also allow users to login anonymously. Prior to version 4.5.1, when an anonymous user is first signed up using REST, the…

  • CVE-2021-25956MedAug 17, 2021
    risk 0.24cvss 4.7epss 0.01

    In “Dolibarr” application, v3.3.beta1_20121221 to v13.0.2 have “Modify” access for admin level users to change other user’s details but fails to validate already existing “Login” name, while renaming the user “Login”. This leads to complete account takeover of…

  • CVE-2021-23365MedApr 26, 2021
    risk 0.24cvss 4.8epss 0.01

    The package github.com/tyktechnologies/tyk-identity-broker before 1.1.1 are vulnerable to Authentication Bypass via the Go XML parser which can cause SAML authentication bypass. This is because the XML parser doesn’t guarantee integrity in the XML round-trip (encoding/decoding…

  • CVE-2019-10157MedJun 12, 2019
    risk 0.24cvss 4.7epss 0.00

    It was found that Keycloak's Node.js adapter before version 4.8.3 did not properly verify the web token received from the server in its backchannel logout . An attacker with local access could use this to construct a malicious web token setting an NBF parameter that could…

  • CVE-2017-12196MedApr 18, 2018
    risk 0.24cvss 4.8epss 0.02

    undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not ensure that the value of URI in the Authorization header matches the URI in HTTP request line. This allows the attacker to cause a MITM…

  • CVE-2017-1520LowSep 12, 2017
    risk 0.24cvss 3.7epss 0.01

    IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830.

  • CVE-2016-1356LowMar 3, 2016
    risk 0.24cvss 3.7epss 0.01

    Cisco FireSIGHT System Software 6.1.0 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to enumerate valid usernames by measuring timing differences, aka Bug ID CSCuy41615.

  • CVE-2022-48575LowJun 10, 2026
    risk 0.23cvss 3.5epss 0.00

    A person with access to a Mac may be able to bypass Login Window. A consistency issue was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4.

  • CVE-2026-45153MedJun 1, 2026
    risk 0.23cvss 4.6epss 0.00

    Nextcloud is an open source content collaboration platform. From version 33.0.0 to before version 33.1.0, after unlocking a locked Android phone the back-button could be used to bypass the Nextcloud Files app PIN. This issue has been patched in version 33.1.0.

  • CVE-2025-27414MedFeb 28, 2025
    risk 0.23cvss epss 0.01

    MinIO is a high performance object storage. Starting in RELEASE.2024-06-06T09-36-42Z and prior to RELEASE.2025-02-28T09-55-16Z, a bug in evaluating the trust of the SSH key used in an SFTP connection to MinIO allows authentication bypass and unauthorized data access. On a MinIO…

  • CVE-2018-12446LowJun 20, 2018
    risk 0.23cvss 3.6epss 0.00

    An issue was discovered in the com.dropbox.android application 98.2.2 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary…

  • CVE-2025-64517MedNov 12, 2025
    risk 0.22cvss 4.4epss 0.00

    sudo-rs is a memory safe implementation of sudo and su written in Rust. With `Defaults targetpw` (or `Defaults rootpw`) enabled, the password of the target account (or root account) instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and…

  • CVE-2023-0657LowNov 17, 2024
    risk 0.22cvss 3.4epss 0.00

    A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions.

  • CVE-2024-45042MedSep 26, 2024
    risk 0.22cvss 4.4epss 0.00

    Ory Kratos is an identity, user management and authentication system for cloud services. Prior to version 1.3.0, given a number of preconditions, the `highest_available` setting will incorrectly assume that the identity’s highest available AAL is `aal1` even though it really…

  • CVE-2026-49848MedJun 9, 2026
    risk 0.21cvss 4.3epss 0.00

    FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, mod_verto's check_auth userauth branch wrote request-supplied…

  • CVE-2025-3634MedApr 25, 2025
    risk 0.21cvss 4.3epss 0.00

    A security vulnerability was discovered in Moodle that allows students to enroll themselves in courses without completing all the necessary safety checks. Specifically, users can sign up for courses prematurely, even if they haven't finished two-step verification processes.

  • CVE-2024-6582MedSep 13, 2024
    risk 0.21cvss 4.3epss 0.00

    A broken access control vulnerability exists in the latest version of lunary-ai/lunary. The `saml.ts` file allows a user from one organization to update the Identity Provider (IDP) settings and view the SSO metadata of another organization. This vulnerability can lead to…

  • CVE-2024-45036MedAug 26, 2024
    risk 0.21cvss 4.3epss 0.00

    Tophat is a mobile applications testing harness. An Improper Access Control vulnerability can expose the `TOPHAT_APP_TOKEN` token stored in `~/.tophatrc` through use of a malicious Tophat URL controlled by the attacker. The vulnerability allows Tophat to send this token to the…

  • CVE-2024-40778LowJul 29, 2024
    risk 0.21cvss 3.3epss 0.00

    An authentication issue was addressed with improved state management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Photos in the Hidden Photos Album may be viewed without authentication.