VYPR

CWE-303

Incorrect Implementation of Authentication Algorithm

Abstraction: Base, Status: Draft

Description

The requirements for the product dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.

This incorrect implementation may allow authentication to be bypassed.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-90

CVEs mapped to this weakness (38)

page 2 of 2
  • CVE-2026-8922 (Medium, May 19, 2026)
    risk 0.28, CVSS 5.4, EPSS 0.00

    A flaw was found in Keycloak. When both realm-level and client-level `notBefore` revocation policies are configured, Keycloak's OpenID Connect (OIDC) Introspection feature fails to properly honor the realm-level policy. This allows tokens that should have been revoked to remain…

  • CVE-2024-32879 (Medium, Apr 24, 2024)
    risk 0.25, CVSS 4.9, EPSS 0.01

    Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue…

  • CVE-2026-32953 (Medium, Mar 20, 2026)
    risk 0.23, CVSS 4.6, EPSS 0.00

    Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets (USS) to be silently ignored, producing the same Compound Device Identifier…

  • CVE-2026-27656 (Mar 25, 2026)
    risk 0.00, CVSS n/a, EPSS 0.00

    Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to properly validate user identity in the OpenID `IsSameUser()` comparison logic, which allows an attacker to take over arbitrary user accounts via an overly permissive substring…

  • CVE-2026-0999 (Feb 16, 2026)
    risk 0.00, CVSS n/a, EPSS 0.00

    Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to properly validate login method restrictions which allows an authenticated user to bypass SSO-only login requirements via userID-based authentication. Mattermost Advisory ID: MMSA-2025-00548

  • CVE-2025-14273 (Dec 22, 2025)
    risk 0.00, CVSS n/a, EPSS 0.00

    Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10.12.3, 10.11.x <= 10.11.7 with the Jira plugin enabled and Mattermost Jira plugin versions <=4.4.0 fail to enforce authentication and issue-key path restrictions in the Jira plugin, which allows an…

  • CVE-2025-12421 (Nov 27, 2025)
    risk 0.00, CVSS n/a, EPSS 0.00

    Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a…

  • CVE-2025-12419 (Nov 27, 2025)
    risk 0.00, CVSS n/a, EPSS 0.00

    Mattermost versions 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12, 11.0.x <= 11.0.3 fail to properly validate OAuth state tokens during OpenID Connect authentication which allows an authenticated attacker with team creation privileges to take over a user account via…

  • CVE-2025-57808 (Sep 2, 2025)
    risk 0.00, CVSS n/a, EPSS 0.02

    ESPHome is a system to control microcontrollers remotely through Home Automation systems. In version 2025.8.0 in the ESP-IDF platform, ESPHome's web_server authentication check can pass incorrectly when the client-supplied base64-encoded Authorization value is empty or is a…

  • CVE-2025-3230 (May 30, 2025)
    risk 0.00, CVSS n/a, EPSS 0.00

    Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to properly invalidate personal access tokens upon user deactivation, allowing deactivated users to maintain full system access by exploiting access token validation flaws via…

  • CVE-2025-2571 (May 30, 2025)
    risk 0.00, CVSS n/a, EPSS 0.00

    Mattermost versions 10.7.x <= 10.7.0, 10.6.x <= 10.6.2, 10.5.x <= 10.5.3, 9.11.x <= 9.11.12 fail to clear Google OAuth credentials when converting user accounts to bot accounts, allowing attackers to gain unauthorized access to bot accounts via the Google OAuth signup flow.

  • CVE-2025-2475 (Apr 14, 2025)
    risk 0.00, CVSS n/a, EPSS 0.00

    Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to invalidate the cache when a user account is converted to a bot which allows an attacker to login to the bot exactly one time via normal credentials.

  • CVE-2024-56128 (Dec 18, 2024)
    risk 0.00, CVSS n/a, EPSS 0.01

    Incorrect Implementation of Authentication Algorithm in Apache Kafka's SCRAM implementation. Issue Summary: Apache Kafka's implementation of the Salted Challenge Response Authentication Mechanism (SCRAM) did not fully adhere to the requirements of RFC 5802 [1]. Specifically, as…

  • CVE-2024-10214 (Oct 28, 2024)
    risk 0.00, CVSS n/a, EPSS 0.00

    Mattermost versions 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 incorrectly issue two sessions when using desktop SSO: one in the browser and one in the desktop client with incorrect settings.

  • CVE-2024-3046 (Apr 9, 2024)
    risk 0.00, CVSS n/a, EPSS 0.01

    In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unauthenticated user to retrieve the device logs. Also, downloaded logs may be used by an attacker to perform privilege escalation by using the…

  • CVE-2021-32691 (Jun 16, 2021)
    risk 0.00, CVSS n/a, EPSS 0.01

    Apollos Apps is an open source platform for launching church-related apps. In Apollos Apps versions prior to 2.20.0, new user registrations are able to access anyone's account by only knowing their basic profile information (name, birthday, gender, etc). This includes all app…

  • CVE-2021-25315 (Mar 3, 2021)
    risk 0.00, CVSS n/a, EPSS 0.02

    CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify valid credentials. This issue affects: SUSE Linux Enterprise Server 15 SP 3…

  • CVE-2020-5268 (Apr 21, 2020)
    risk 0.00, CVSS n/a, EPSS 0.01

    In Saml2 Authentication Services for ASP.NET versions before 1.0.2, and between 2.0.0 and 2.6.0, there is a vulnerability in how tokens are validated in some cases. Saml2 tokens are usually used as bearer tokens - a caller that presents a token is assumed to be the subject of…