VYPR

CWE-303

Incorrect Implementation of Authentication Algorithm

BaseDraft

Description

The requirements for the product dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.

This incorrect implementation may allow authentication to be bypassed.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-90

CVEs mapped to this weakness (38)

page 1 of 2
  • CVE-2024-7593CriKEVAug 13, 2024
    risk 0.86cvss 9.8epss 1.00

    Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.

  • CVE-2026-46389CriJun 5, 2026
    risk 0.65cvss 10.0epss 0.00

    UDS Identity Config builds the Keycloak configuration image (realm, plugins, theme, truststore, JARs) consumed by UDS Core's Identity deployment. In versions 0.11.0 through 0.26.0, a logic error in the `client-kubernetes-secret` Keycloak client authenticator (shipped by…

  • CVE-2026-29515CriMar 11, 2026
    risk 0.64cvss 9.8epss 0.00

    MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which…

  • CVE-2018-4841CriMar 29, 2018
    risk 0.64cvss 9.8epss 0.05

    A vulnerability has been identified in TIM 1531 IRC (All versions < V1.1). A remote attacker with network access to port 80/tcp or port 443/tcp could perform administrative operations on the device without prior authentication. Successful exploitation could allow to cause a…

  • CVE-2024-4332CriJun 3, 2024
    risk 0.61cvss epss 0.01

    An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional "Auto-synchronize LDAP Users, Roles, and Groups" feature is…

  • CVE-2026-41103CriMay 12, 2026
    risk 0.59cvss 9.1epss 0.05

    Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2026-0073HigMay 4, 2026
    risk 0.57cvss 8.8epss 0.01

    In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution as the shell user with no additional execution privileges needed. User interaction…

  • CVE-2025-4676HigJan 7, 2026
    risk 0.57cvss 8.8epss 0.00

    Incorrect Implementation of Authentication Algorithm vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL.This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K.

  • CVE-2025-53782HigOct 14, 2025
    risk 0.55cvss 8.4epss 0.00

    Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges locally.

  • CVE-2025-14510HigJan 16, 2026
    risk 0.53cvss 8.1epss 0.00

    Incorrect Implementation of Authentication Algorithm vulnerability in ABB ABB Ability OPTIMAX.This issue affects ABB Ability OPTIMAX: 6.1, 6.2, from 6.3.0 before 6.3.1-251120, from 6.4.0 before 6.4.1-251120.

  • CVE-2025-44557HigJun 27, 2025
    risk 0.53cvss 8.1epss 0.00

    A state machine transition flaw in the Bluetooth Low Energy (BLE) stack of Cypress PSoC4 v3.66 allows attackers to bypass the pairing process and authentication via a crafted pairing_failed packet.

  • CVE-2016-9463HigMar 28, 2017
    risk 0.53cvss 8.1epss 0.04

    Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. Nextcloud/ownCloud include an optional and not by default enabled SMB authentication component that allows authenticating users against an SMB…

  • CVE-2026-43640HigMay 11, 2026
    risk 0.46cvss 8.1epss 0.01

    Bitwarden Server prior to v2026.4.1 does not require master-password re-authentication when retrieving or rotating an organization's SCIM API key, allowing an authenticated user with SCIM management privileges to obtain the key using only a valid session.

  • CVE-2024-8642HigSep 11, 2024
    risk 0.46cvss 8.1epss 0.00

    In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance date), which can allow an attacker to bypass the check for token expiration. The…

  • CVE-2026-33190HigMay 5, 2026
    risk 0.42cvss 7.5epss 0.00

    CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the tsig plugin can be bypassed on non-plain-DNS transports (DoT, DoH, DoH3, DoQ, and gRPC) because it trusts the transport writer's TsigStatus() instead of performing verification itself. The DoH and DoH3…

  • CVE-2024-9999MedNov 12, 2024
    risk 0.42cvss 6.5epss 0.00

    In WS_FTP Server versions before 8.8.9 (2022.0.9), an Incorrect Implementation of Authentication Algorithm in the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only.

  • CVE-2025-43856HigJul 11, 2025
    risk 0.40cvss epss 0.00

    immich is a high performance self-hosted photo and video management solution. Prior to 1.132.0, immich is vulnerable to account hijacking through oauth2, because the state parameter is not being checked. The oauth2 state parameter is similar to a csrf token, so when the user…

  • CVE-2025-48994MedJun 2, 2025
    risk 0.38cvss epss 0.00

    SignXML is an implementation of the W3C XML Signature standard in Python. When verifying signatures with X509 certificate validation turned off and HMAC shared secret set (`signxml.XMLVerifier.verify(require_x509=False, hmac_key=...`), versions of SignXML prior to 4.0.4 are…

  • CVE-2024-8314MedMar 25, 2025
    risk 0.36cvss epss 0.00

    An Incorrect Implementation of Authentication Algorithm and Exposure of Data Element to Wrong Ses-sion vulnerability in the session handling used in B&R APROL <4.4-00P5 may allow an authenticated network attacker to take over a currently active user session without login…

  • CVE-2025-61783MedOct 9, 2025
    risk 0.34cvss epss 0.01

    Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated by e-mail even if the `associate_by_email` pipeline was not included. This could lead to account compromise when a third-party…