CWE-306
Missing Authentication for Critical Function
Base · Draft · Likelihood: High
Description
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-12 · CAPEC-166 · CAPEC-216 · CAPEC-36 · CAPEC-62
CVEs mapped to this weakness (650)
Page 33 of 33

| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-4506 | Low | 0.14 | 2.2 | 0.00 | | Sep 27, 2023 | The Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP Passback in versions up to, and including, 4.1.10. This is due to insufficient validation when changing the LDAP server. This makes it possible for authenticated attackers, with administrative access and above, to change the LDAP server and retrieve the credentials for the original LDAP server. |
| CVE-2023-4505 | Low | 0.14 | 2.2 | 0.00 | | Sep 27, 2023 | The Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable to LDAP Passback in versions up to, and including, 1.2.3. This is due to insufficient validation when changing the LDAP server. This makes it possible for authenticated attackers, with administrative access and above, to change the LDAP server and retrieve the credentials for the original LDAP server. |
| CVE-2014-9195 | | 0.10 | — | 0.82 | | Jan 17, 2015 | Phoenix Contact ProConOs and MultiProg do not require authentication, which allows remote attackers to execute arbitrary commands via protocol-compliant traffic. |
| CVE-2014-4872 | | 0.10 | — | 0.82 | | Oct 10, 2014 | BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or (2) ConfigurationService. |
| CVE-2020-12492 | Low | 0.07 | — | 0.00 | | Nov 25, 2024 | Improper handling of WiFi information by framework services can allow certain malicious applications to obtain sensitive information. |
| CVE-2009-1780 | | 0.03 | — | 0.04 | | May 22, 2009 | admin.php in Frax.dk Php Recommend 1.3 and earlier does not require authentication when the user password is changed, which allows remote attackers to gain administrative privileges via modified form_admin_user and form_admin_pass parameters. |
| CVE-2007-0956 | | 0.02 | — | 0.26 | | Apr 6, 2007 | The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882. |
| CVE-2014-9197 | | 0.00 | — | 0.00 | | Jan 27, 2015 | The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain sensitive setup and configuration information via a direct request. |
| CVE-2014-2590 | | 0.00 | — | 0.00 | | Apr 1, 2014 | The web management interface in Siemens RuggedCom ROS before 3.11, ROS 3.11 before 3.11.5 for RS950G, ROS 3.12, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (interface outage) via crafted HTTP packets. |
| CVE-2011-3055 | | 0.00 | — | 0.01 | | Mar 22, 2012 | The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension. |