CWE-345
Insufficient Verification of Data Authenticity
Description
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-111 · CAPEC-141 · CAPEC-142 · CAPEC-148 · CAPEC-218 · CAPEC-384 · CAPEC-385 · CAPEC-386 · CAPEC-387 · CAPEC-388 · CAPEC-665 · CAPEC-701
CVEs mapped to this weakness (306)
Page 15 of 16

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-16250 | | — | 0.00 | — | 0.01 | | Aug 26, 2020 | HashiCorp Vault and Vault Enterprise versions 0.7.1 and newer, when configured with the AWS IAM auth method, may be vulnerable to authentication bypass. Fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1. |
| CVE-2020-15899 | | — | 0.00 | — | 0.01 | | Jul 28, 2020 | Grin 3.0.0 before 4.0.0 has insufficient validation of data related to Mimblewimble. |
| CVE-2019-17636 | | | 0.00 | — | 0.01 | | Mar 10, 2020 | In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is "Mini-Browser", published as "@theia/mini-browser" on npmjs.com. This extension, for its own needs, exposes a HTTP endpoint that allows to read the content of files on the host's… |
| CVE-2013-2167 | | — | 0.00 | — | 0.02 | | Dec 10, 2019 | python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass. |
| CVE-2019-8124 | | | 0.00 | — | 0.01 | | Nov 5, 2019 | An insufficient logging and monitoring vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Failure to track admin actions related to design configuration could lead to repudiation attacks. |
| CVE-2019-8112 | | | 0.00 | — | 0.01 | | Nov 5, 2019 | A security bypass vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can bypass the email confirmation mechanism via GET request that captures relevant account data obtained from the POST response related to new… |
| CVE-2019-13483 | | — | 0.00 | — | 0.01 | | Jul 25, 2019 | Auth0 Passport-SharePoint before 0.4.0 does not validate the JWT signature of an Access Token before processing. This allows attackers to forge tokens and bypass authentication and authorization mechanisms. |
| CVE-2019-3875 | | | 0.00 | — | 0.00 | | Jun 12, 2019 | A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL, where the CRL list can be obtained from the URL provided in the certificate itself (CDP) or through the separately configured path. The… |
| CVE-2019-10157 | | | 0.00 | — | 0.00 | | Jun 12, 2019 | It was found that Keycloak's Node.js adapter before version 4.8.3 did not properly verify the web token received from the server in its backchannel logout. An attacker with local access could use this to construct a malicious web token setting an NBF parameter that could… |
| CVE-2019-1000013 | | | 0.00 | — | 0.01 | | Feb 4, 2019 | Hex package manager hex_core version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from… |
| CVE-2018-16486 | | — | 0.00 | — | 0.01 | | Feb 1, 2019 | A prototype pollution vulnerability was found in defaults-deep <=0.2.4 that would allow a malicious user to inject properties onto Object.prototype. |
| CVE-2018-15801 | | | 0.00 | — | 0.01 | | Dec 19, 2018 | Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. In order to be impacted, the same private key for an honest issuer and a malicious user must be used when signing JWTs. In that case, a malicious user could… |
| CVE-2017-1000424 | — | Med | 0.00 | 4.3 | 0.01 | | Jan 2, 2018 | Github Electron version 1.6.4 - 1.6.11 and 1.7.0 - 1.7.5 is vulnerable to a URL Spoofing problem when opening PDFs in PDFium, resulting in loading arbitrary PDFs that a hacker can control. |
| CVE-2015-2908 | | | 0.00 | — | 0.02 | | Aug 23, 2015 | Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, do not validate firmware updates, which allows remote attackers to execute arbitrary code by specifying an update server. |
| CVE-2015-3908 | | | 0.00 | — | 0.01 | | Aug 12, 2015 | Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. |
| CVE-2015-4674 | | | 0.00 | — | 0.01 | | Aug 7, 2015 | The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file. |
| CVE-2014-5406 | | | 0.00 | — | 0.01 | | Jul 6, 2015 | The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated with sending a (1) drug library, (2) software update, or (3) configuration change, which allows remote attackers to modify settings or medication data via packets on the (a) TELNET,… |
| CVE-2013-7398 | | | 0.00 | — | 0.01 | | Jun 24, 2015 | main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client (aka AHC or async-http-client) before 1.9.0 does not require a hostname match during verification of X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an… |
| CVE-2013-7397 | | | 0.00 | — | 0.01 | | Jun 24, 2015 | Async Http Client (aka AHC or async-http-client) before 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-the-middle attackers to spoof HTTPS servers by presenting an arbitrary certificate… |
| CVE-2015-0259 | | | 0.00 | — | 0.01 | | Apr 1, 2015 | OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage. |