VYPR

CWE-290

Authentication Bypass by Spoofing

BaseIncomplete

Description

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-21 · CAPEC-22 · CAPEC-459 · CAPEC-461 · CAPEC-473 · CAPEC-476 · CAPEC-59 · CAPEC-60 · CAPEC-667 · CAPEC-94

CVEs mapped to this weakness (280)

page 14 of 14
  • CVE-2022-39227Sep 23, 2022
    risk 0.00cvss epss 0.04

    python-jwt is a module for generating and verifying JSON Web Tokens. Versions prior to 3.3.4 are subject to Authentication Bypass by Spoofing, resulting in identity spoofing, session hijacking or authentication bypass. An attacker who obtains a JWT can arbitrarily forge its…

  • CVE-2022-35957Sep 20, 2022
    risk 0.00cvss epss 0.01

    Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the…

  • CVE-2022-2368Jul 11, 2022
    risk 0.00cvss epss 0.01

    Authentication Bypass by Spoofing in GitHub repository microweber/microweber prior to 1.2.20.

  • CVE-2022-29165May 20, 2022
    risk 0.00cvss epss 0.02

    Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A critical vulnerability has been discovered in Argo CD starting with version 1.4.0 and prior to versions 2.1.15, 2.2.9, and 2.3.4 which would allow unauthenticated users to impersonate as any Argo CD user…

  • CVE-2022-24858Apr 19, 2022
    risk 0.00cvss epss 0.01

    next-auth v3 users before version 3.29.2 are impacted. next-auth version 4 users before version 4.3.2 are also impacted. Upgrading to 3.29.2 or 4.3.2 will patch this vulnerability. If you are not able to upgrade for any reason, you can add a configuration to your callbacks…

  • CVE-2021-43807Dec 14, 2021
    risk 0.00cvss epss 0.01

    Opencast is an Open Source Lecture Capture & Video Management for Education. Opencast versions prior to 9.10 allow HTTP method spoofing, allowing to change the assumed HTTP method via URL parameter. This allows attackers to turn HTTP GET requests into PUT requests or an HTTP…

  • CVE-2020-19003Oct 6, 2021
    risk 0.00cvss epss 0.01

    An issue in Gate One 1.2.0 allows attackers to bypass to the verification check done by the origins list and connect to Gate One instances used by hosts not on the origins list.

  • CVE-2021-20278May 28, 2021
    risk 0.00cvss epss 0.01

    An authentication bypass vulnerability was found in Kiali in versions before 1.31.0 when the authentication strategy `OpenID` is used. When RBAC is enabled, Kiali assumes that some of the token validation is handled by the underlying cluster. When OpenID `implicit flow` is used…

  • CVE-2020-27847May 28, 2021
    risk 0.00cvss epss 0.02

    A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature Validation. This flaw allows an attacker to bypass SAML authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system…

  • CVE-2021-21310Feb 11, 2021
    risk 0.00cvss epss 0.02

    NextAuth.js (next-auth) is am open source authentication solution for Next.js applications. In next-auth before version 3.3.0 there is a token verification vulnerability. Implementations using the Prisma database adapter in conjunction with the Email provider are impacted.…

  • CVE-2020-17516Feb 3, 2021
    risk 0.00cvss epss 0.02

    Apache Cassandra versions 2.1.0 to 2.1.22, 2.2.0 to 2.2.19, 3.0.0 to 3.0.23, and 3.11.0 to 3.11.9, when using 'dc' or 'rack' internode_encryption setting, allows both encrypted and unencrypted internode connections. A misconfigured node or a malicious user can use the…

  • CVE-2020-26276Dec 17, 2020
    risk 0.00cvss epss 0.02

    Fleet is an open source osquery manager. In Fleet before version 3.5.1, due to issues in Go's standard library XML parsing, a valid SAML response may be mutated by an attacker to modify the trusted document. This can result in allowing unverified logins from a SAML IdP. Users…

  • CVE-2020-26254Dec 8, 2020
    risk 0.00cvss epss 0.01

    omniauth-apple is the OmniAuth strategy for "Sign In with Apple" (RubyGem omniauth-apple). In omniauth-apple before version 1.0.1 attackers can fake their email address during authentication. This vulnerability impacts applications using the omniauth-apple strategy of OmniAuth…

  • CVE-2020-16250Aug 26, 2020
    risk 0.00cvss epss 0.01

    HashiCorp Vault and Vault Enterprise versions 0.7.1 and newer, when configured with the AWS IAM auth method, may be vulnerable to authentication bypass. Fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1..

  • CVE-2020-5415Aug 12, 2020
    risk 0.00cvss epss 0.01

    Concourse, versions prior to 6.3.1 and 6.4.1, in installations which use the GitLab auth connector, is vulnerable to identity spoofing by way of configuring a GitLab account with the same full name as another user who is granted access to a Concourse team. GitLab groups do not…

  • CVE-2019-16766Nov 29, 2019
    risk 0.00cvss epss 0.01

    When using wagtail-2fa before 1.3.0, if someone gains access to someone's Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. This problem has been patched in version…

  • CVE-2018-16483Feb 1, 2019
    risk 0.00cvss epss 0.01

    A deficiency in the access control in module express-cart <=1.1.5 allows unprivileged users to add new users to the application as administrators.

  • CVE-2017-18190HigFeb 16, 2018
    risk 0.00cvss 7.5epss 0.03

    A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often…

  • CVE-2017-1000424MedJan 2, 2018
    risk 0.00cvss 4.3epss 0.01

    Github Electron version 1.6.4 - 1.6.11 and 1.7.0 - 1.7.5 is vulnerable to a URL Spoofing problem when opening PDFs in PDFium resulting loading arbitrary PDFs that a hacker can control.

  • CVE-2015-0219Jan 16, 2015
    risk 0.00cvss epss 0.07

    Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof WSGI headers by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X-Auth_User header.