Exploit Intelligence Platform – 370K+ CVEs, Ranked Exploits & EPSS Scores

CVE-2012-5930 1 PoC Analysis EPSS 0.05

Microfocus Privileged User Manager - Authentication Bypass

The pa_modify_accounts function in auth.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 does not require authentication for the modifyAccounts method, which allows remote attackers to change the passwords of administrative accounts via a crafted application/x-amf request.

CWE-287 Dec 24, 2012

CVE-2012-3002 EPSS 0.02

Foscam/Wansview IP Cameras - Auth Bypass

The web interface on (1) Foscam and (2) Wansview IP cameras allows remote attackers to bypass authentication, and perform administrative functions or read the admin password, via a direct request to an unspecified URL.

CWE-287 Dec 21, 2012

CVE-2012-6067 EPSS 0.01

Freeftpd < 1.0.11 - Authentication Bypass

freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to bypass authentication via a crafted SFTP session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.

CWE-287 Dec 04, 2012

CVE-2012-6066 5 PoCs Analysis EPSS 0.76

Freesshd < 1.2.6 - Authentication Bypass

freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.

CWE-287 Dec 04, 2012

CVE-2012-5975 3 PoCs Analysis EPSS 0.26

SSH Tectia Server - Authentication Bypass

The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6.2.5, and 6.3.0 through 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session involving entry of blank passwords, as demonstrated by a root login session from a modified OpenSSH client with an added input_userauth_passwd_changereq call in sshconnect2.c.

CWE-287 Dec 04, 2012

CVE-2012-5858 1 PoC Analysis EPSS 0.11

Samsung Kies Air - Authentication Bypass

Samsung Kies Air 2.1.207051 and 2.1.210161 relies on the IP address for authentication, which allows remote man-in-the-middle attackers to read arbitrary phone contents by spoofing or controlling the IP address.

CWE-287 Dec 03, 2012

CVE-2012-4614 EPSS 0.01

EMC Smarts NCM <9.1 - Info Disclosure

The default configuration of EMC Smarts Network Configuration Manager (NCM) before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact via a network session.

CWE-287 Nov 27, 2012

CVE-2012-2437 1 PoC Analysis EPSS 0.07

AWCM 2.2 - XSS

cookie_gen.php in ar web content manager (AWCM) 2.2 does not require authentication, which allows remote attackers to generate arbitrary cookies via the name parameter in conjunction with the content parameter.

CWE-287 Nov 26, 2012

CVE-2012-2377 EPSS 0.01

Redhat Jboss Enterprise Portal Platform < 5.2.1 - Authentication Bypass

JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a crafted IP multicast.

CWE-287 Nov 23, 2012

CVE-2011-4085 EXPLOITED EPSS 0.01

JBoss Enterprise Application Platform <5.1.2 - Auth Bypass

The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which allow remote attackers to bypass authentication by sending a request with a different method. NOTE: this vulnerability exists because of a CVE-2010-0738 regression.

CWE-287 Nov 23, 2012

CVE-2012-5864 1 PoC Analysis EPSS 0.18

Sinapsitech Sinapsi Firmware < 2.0.2870 - Authentication Bypass

These Sinapsi devices do not check if users that visit pages within the device have properly authenticated. By directly visiting the pages within the device, attackers can gain unauthorized access with administrative privileges.

CWE-287 Nov 23, 2012

CVE-2012-5758 EPSS 0.03

IBM Websphere Datapower Xc10 Appliance - Authentication Bypass

The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2 does not require authentication for an unspecified interface, which allows remote attackers to cause a denial of service (process exit) via unknown vectors.

CWE-287 Nov 23, 2012

CVE-2012-5887 EPSS 0.01

Apache Tomcat < 5.5.36 - Authentication Bypass

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests.

CWE-287 Nov 17, 2012

CVE-2012-5886 EPSS 0.01

Apache Tomcat < 5.5.36 - Authentication Bypass

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID.

CWE-287 Nov 17, 2012

CVE-2012-4613 EPSS 0.00

EMC RSA Data Protection Manager <3.2.1 - Auth Bypass

EMC RSA Data Protection Manager Appliance 2.7.x and 3.x before 3.2.1 does not properly restrict the number of authentication attempts by a user account, which makes it easier for local users to bypass intended access restrictions via a brute-force attack.

CWE-287 Nov 16, 2012

CVE-2012-4021 EPSS 0.00

Mosp Kintai Kanri < 4.0.9 - Authentication Bypass

MosP kintai kanri before 4.1.0 does not properly perform authentication, which allows remote authenticated users to impersonate arbitrary user accounts, and consequently obtain sensitive information or modify settings, via unspecified vectors.

CWE-287 Nov 08, 2012

CVE-2012-3315 EPSS 0.00

IBM Tivoli Federated Identity Manager < 6.2.2 - Authentication Bypass

The Java servlets in the management console in IBM Tivoli Federated Identity Manager (TFIM) through 6.2.2 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) before 6.2.2 do not require authentication for all resource downloads, which allows remote attackers to bypass intended J2EE security constraints, and obtain sensitive information related to (1) federation metadata or (2) a web plugin configuration template, via a crafted request.

CWE-287 Nov 08, 2012

CVE-2012-4659 EPSS 0.01

Cisco ASA <8.2.5.30-8.3.2.34 - DoS

The AAA functionality in the IPv4 SSL VPN implementations on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.2 before 8.2(5.30) and 8.3 before 8.3(2.34) allows remote attackers to cause a denial of service (device reload) via a crafted authentication response, aka Bug ID CSCtz04566.

CWE-287 Oct 29, 2012

CVE-2012-5353 EPSS 0.00

Eduserv OpenAthens SP 2.0 - Auth Bypass

Eduserv OpenAthens SP 2.0 for Java allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack."

CWE-287 Oct 09, 2012

CVE-2012-5352 EPSS 0.00

JOSSO - Auth Bypass

Java Open Single Sign-On Project Home (JOSSO) allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack."

CWE-287 Oct 09, 2012

CVE & Exploit Intelligence Database

Investigate

Ecosystems

Reference Indexes

Recent Blog Posts

CVEForge Labs

KEV Gaps