VYPR

CWE-290

Authentication Bypass by Spoofing

BaseIncomplete

Description

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-21 · CAPEC-22 · CAPEC-459 · CAPEC-461 · CAPEC-473 · CAPEC-476 · CAPEC-59 · CAPEC-60 · CAPEC-667 · CAPEC-94

CVEs mapped to this weakness (280)

page 5 of 14
  • CVE-2025-6188HigAug 25, 2025
    risk 0.49cvss 7.5epss 0.00

    On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of…

  • CVE-2025-3875HigMay 14, 2025
    risk 0.49cvss 7.5epss 0.00

    Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value "Spoofed Name ", Thunderbird treats spoofed@example.com as the actual address. This…

  • CVE-2025-46573HigMay 6, 2025
    risk 0.49cvss epss 0.00

    passport-wsfed-saml2 provides passport strategy for both WS-fed and SAML2 protocol. A vulnerability present starting in version 3.0.5 up to and including version 4.6.3 allows an attacker to impersonate any user during SAML authentication by tampering with a valid SAML response.…

  • CVE-2024-8935HigNov 13, 2024
    risk 0.49cvss 7.5epss 0.00

    CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause a denial of service and loss of confidentiality and integrity of controllers when conducting a Man-In-The-Middle attack between the controller and the engineering workstation while a valid user is…

  • CVE-2024-8901HigOct 22, 2024
    risk 0.49cvss 7.5epss 0.00

    The AWS ALB Route Directive Adapter For Istio repo https://github.com/awslabs/aws-alb-route-directive-adapter-for-istio/tree/master provides an OIDC authentication mechanism that was integrated into the open source Kubeflow project. The adapter uses JWT for authentication, but…

  • CVE-2024-10125HigOct 22, 2024
    risk 0.49cvss 7.5epss 0.00

    The Amazon.ApplicationLoadBalancer.Identity.AspNetCore repo https://github.com/awslabs/aws-alb-identity-aspnetcore#validatetokensignature contains Middleware that can be used in conjunction with the Application Load Balancer (ALB) OpenId Connect integration and can be used in…

  • CVE-2024-49193HigOct 12, 2024
    risk 0.49cvss 7.5epss 0.01

    Zendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing, because Cc fields are extracted from incoming e-mail messages and used to grant additional authorization for ticket viewing, the mechanism for detecting spoofed e-mail messages is…

  • CVE-2017-11717HigJul 28, 2017
    risk 0.49cvss 7.5epss 0.01

    MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier for remote attackers to bypass intended challenge requirements by modifying the client-server data stream, as demonstrated by the login/findpass page.

  • CVE-2017-6405HigMar 2, 2017
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Hostname-based security is open to DNS spoofing.

  • CVE-2025-68644HigDec 21, 2025
    risk 0.48cvss 7.4epss 0.00

    Yealink RPS before 2025-06-27 allows unauthorized access to information, including AutoP URL addresses. This was fixed by deploying an enhanced authentication mechanism through a security update to all cloud instances.

  • CVE-2025-27616HigMar 10, 2025
    risk 0.48cvss 8.5epss 0.00

    Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. Prior to versions 0.25.3 and 0.26.3, by spoofing a webhook payload with a specific set of headers and body data, an attacker could transfer ownership of a repository and its…

  • CVE-2018-1695HigSep 6, 2018
    risk 0.48cvss 7.3epss 0.02

    IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a remote attacker to conduct spoofing attacks. IBM X-Force ID: 145769.

  • CVE-2018-12331HigJun 17, 2018
    risk 0.48cvss 7.4epss 0.01

    Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2.68 allows a man-in-the-middle attacker to compromise authentication keys and configurations via IP spoofing during "Easy Enrollment."

  • CVE-2025-50328HigApr 29, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability in B1 Free Archiver v1.5.86 allows files extracted from downloaded archives to bypass Windows Mark of the Web (MotW) protections. When an archive is downloaded from the internet and extracted using B1 Free Archiver, the software fails to propagate the…

  • CVE-2025-31511HigJul 22, 2025
    risk 0.47cvss 7.3epss 0.00

    An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval by changing the user ID in a Request%20Building%20Access requestSubmit API call. The vendor has stated that the system is protected by updating to a version equal to or greater than…

  • CVE-2025-29621HigApr 22, 2025
    risk 0.47cvss 7.3epss 0.00

    Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in the Theme configuration under the My Preferences module. This vulnerability allows attackers to manipulate application settings.

  • CVE-2025-3029HigApr 1, 2025
    risk 0.47cvss 7.3epss 0.00

    A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability was fixed in Firefox 137, Firefox ESR 128.9, Thunderbird 137, and Thunderbird 128.9.

  • CVE-1999-0012HigFeb 6, 1998
    risk 0.47cvss 7.0epss 0.18

    Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.

  • CVE-2026-53857HigJun 16, 2026
    risk 0.46cvss 8.1epss 0.00

    OpenClaw before 2026.5.3 contains a policy enforcement vulnerability where Zalo contacts with mutable display metadata could match allowFrom policy entries through display name changes. Attackers with mutable display names could receive agent responses intended for different…

  • CVE-2026-53849HigJun 16, 2026
    risk 0.46cvss 8.1epss 0.00

    OpenClaw before 2026.5.7 contains a privilege escalation vulnerability where the allowFrom feature improperly validates Discord account identity using mutable display names instead of immutable user IDs. Attackers with Discord accounts can change their display name to match a…