VYPR

CWE-304

Missing Critical Step in Authentication

BaseDraft

Description

The product implements an authentication technique, but it skips a step that weakens the technique.

Authentication techniques should follow the algorithms that define them exactly, otherwise authentication can be bypassed or more easily subjected to brute force attacks.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (17)

  • CVE-2024-2172CriMar 13, 2024
    risk 0.64cvss 9.8epss 0.02

    The Malware Scanner plugin and the Web Application Firewall plugin for WordPress (both by MiniOrange) are vulnerable to privilege escalation due to a missing capability check on the mo_wpns_init() function in all versions up to, and including, 4.7.2 (for Malware Scanner) and…

  • CVE-2026-44547CriMay 12, 2026
    risk 0.55cvss 9.6epss 0.00

    ChurchCRM is an open-source church management system. From 7.2.0 to 7.2.2, The fix for CVE-2026-4058 is incomplete. The hardening commit was merged and then silently stripped from src/api/routes/public/public-user.php by an unrelated PR before any 7.2.x tag was cut. Every…

  • CVE-2026-42452HigMay 8, 2026
    risk 0.53cvss 8.1epss 0.00

    Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, /users/login issues a temporary JWT (temp_token) for TOTP-enabled accounts. That token carries a pendingTOTP state and should only be valid for…

  • CVE-2024-11302HigMar 20, 2025
    risk 0.52cvss 8.0epss 0.00

    A missing check_access() function in the lollms_binding_infos module of the parisneo/lollms repository, version V14, allows attackers to add, modify, and remove bindings arbitrarily. This vulnerability affects the /install_binding and /reinstall_binding endpoints, among others,…

  • CVE-2025-55138HigAug 7, 2025
    risk 0.48cvss 7.4epss 0.00

    LinkJoin through 882f196 mishandles token ownership in password reset.

  • CVE-2023-52424HigMay 17, 2024
    risk 0.48cvss 7.4epss 0.01

    The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop. Enterprise 802.1X/EAP, Mesh AMPE, or FILS, aka an "SSID Confusion" issue. This occurs because the SSID is not always…

  • CVE-2024-12136MedMar 19, 2025
    risk 0.45cvss 6.9epss 0.00

    Missing Critical Step in Authentication vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Authentication Bypass. This issue affects ANKA JPD-00028: before V.01.01.

  • CVE-2026-40542HigApr 22, 2026
    risk 0.40cvss 7.3epss 0.01

    Missing critical step in authentication in Apache HttpClient 5.6 allows an attacker to cause the client to accept SCRAM-SHA-256 authentication without proper mutual authentication verification. Users are recommended to upgrade to version 5.6.1, which fixes this issue.

  • CVE-2011-3172MedJun 8, 2018
    risk 0.35cvss 5.4epss 0.01

    A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. Affected releases are SUSE Linux Enterprise: versions prior to 12.

  • CVE-2025-5715LowJun 6, 2025
    risk 0.25cvss 3.8epss 0.00

    A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch…

  • CVE-2025-43798Sep 15, 2025
    risk 0.00cvss epss 0.00

    Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92 and 7.3 GA through update 35 allows a time-based one-time password (TOTP) to be used multiple times during the validity period, which allows attackers with access to a user’s TOTP to authenticate as…

  • CVE-2024-1735Feb 26, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentication. All users who rely on armeria-saml older than version 1.27.2 must upgrade to 1.27.2 or later.

  • CVE-2023-3629Dec 18, 2023
    risk 0.00cvss epss 0.01

    A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.

  • CVE-2023-3628Dec 18, 2023
    risk 0.00cvss epss 0.01

    A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.

  • CVE-2022-3916Sep 20, 2023
    risk 0.00cvss epss 0.01

    A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This…

  • CVE-2021-4236Dec 27, 2022
    risk 0.00cvss epss 0.01

    Web Sockets do not execute any AuthenticateMethod methods which may be set, leading to a nil pointer dereference if the returned UserData pointer is assumed to be non-nil, or authentication bypass. This issue only affects WebSockets with an AuthenticateMethod hook. Request…

  • CVE-2019-16766Nov 29, 2019
    risk 0.00cvss epss 0.01

    When using wagtail-2fa before 1.3.0, if someone gains access to someone's Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. This problem has been patched in version…

VYPR — Vulnerability Intelligence