Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-287

CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,372 vulnerabilities with CWE-287

ownCloud <5.0.18, <6.0.6, <7.0.3 - Auth Bypass

Cisco WebEx Meetings Server - Remote Privilege Escalation via API Request

VDG Security SENSE <2.3.13 - Auth Bypass

IBM InfoSphere Master Data Mgmt - Privilege Escalation

Cisco ISB8320-E High-Definition IP-Only DVR - Unauthenticated Authentication Bypass via Disaster Recovery TELNET Session

HP-UX B.11.11, B.11.23, B.11.31 - Authenticated Authentication Bypass

Apache CloudStack 4.3.x < 4.3.2 and 4.4.x < 4.4.2 - Unauthenticated Authentication Bypass via Login Request

Graylog2 < 0.91.3 - LDAP Authentication Bypass via Crafted Wildcards

RSA Adaptive Auth 6.0.2.1-7.1 P3 - Privilege Escalation

OpenSSH - Authenticated User Impersonation via .k5users File

ZTE ZXDSL 831CII - Unauthenticated Authentication Bypass via Direct CGI Request

ARRIS VAP2500 < 08.41 - Authentication Bypass via Improper Password Validation

IBM Security QRadar SIEM & QRadar Risk Manager <7.1 MR2 Patch 9 & <...

Microsoft Windows - Remote Desktop Protocol Improper Authentication

AXN-NET Ethernet module accessory 3.04 - Info Disclosure

CA Cloud Service Management < 2014 - Improper Authentication Token Verification

IBM Tivoli Application Dependency Discovery Manager 7.2.0.0-7.2.2.2 - Improper Authentication

Apache WSS4J < 1.6.17 and 2.x < 2.0.2 - Improper Authentication via SAML SubjectConfirmation Method

McAfee Network Data Loss Prevention < 9.3 - Unauthenticated MySQL Database Access

DokuWiki <2014-05-05a - Auth Bypass

DokuWiki <2014-05-05b - Auth Bypass

Zend Framework < 1.12.7 and 2.x < 2.2.8 - Authentication Bypass via Null Byte in LDAP Password

MantisBT < 1.2.17 - Unauthenticated Authentication Bypass via Null Byte in Password

Schrack Technik microControl Firmware < 1.7.0 - Unauthenticated Sensitive Information Exposure via ZTPUsrDtls.txt

IBM WebSphere MQ 8.0.0.1 - Authentication Bypass via MQTT Client JAASConfig Property

Previous Page 136 of 175 Next

Details

Vulnerabilities 4,372

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy