Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-287

CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,372 vulnerabilities with CWE-287

Apple OS X <10.10 - Privilege Escalation

Apple OS X <10.10 - Info Disclosure

Apple OS X <10.10 - Info Disclosure

Jenkins <1.551-1.532.2 - Info Disclosure

Jenkins <1.551-LTS <1.532.2 - Auth Bypass

F5 Arx - Authentication Bypass

Juniper Junos <11.4-R12,<12.1-R10,... - Privilege Escalation

Cisco Intrusion Prevention System < 7.0(8)E4 - Denial of Service via Crafted Connection Request

Cisco Adaptive Security Appliance Software - Improper Authentication in Clientless SSL VPN Portal Customization

Joomla! <2.5.25-3.3.4 - Auth Bypass

Adaptive Computing Moab < 7.2.9 and 8 < 8.0.0 - Unauthenticated Authentication Bypass via Message Without Signature

Apache Shiro 1.x < 1.2.3 - Authentication Bypass via Empty LDAP Credentials

IBM Rational ClearQuest 7.1-8.0.1 - Unauthenticated Authentication Bypass via Help Server Administration Feature

IBM Rational ClearQuest 7.1-8.0.1 - Improper Authentication via Web Login Form

Schneider Electric ClearSCADA 2010 R3-2014 R1 - Unauthenticated Database Record Read via Guest Account

Zend Framework < 1.12.4 - Improper Authentication via OpenID Assertion

EMC RSA IMG <6.5.1P11-6.8.1P07 - Auth Bypass

Django <1.4.14-1.7 - Auth Bypass

Little Kernel Bootloader - Authentication Bypass via Fastboot Boot Command

Little Kernel Bootloader - Improper Authentication via Inconsistent Digest Size Check

Shopizer < 1.1.5 - Unauthenticated Brute Force Attack via Unrestricted Authentication Attempts

SAP Solution Manager 7.1 - Authentication Bypass via Verb Tampering

I-O DATA TS-WLCAM, TS-WLCAM/V, TS-WPTCAM, TS-PTCAM, TS-PTCAM/POE, and TS-WLC2 Cameras - Authentication Bypass

Moodle < 2.3.11, 2.4.x < 2.4.11, 2.5.x < 2.5.7 - Authenticated Session Hijacking via Shibboleth Plugin

MailPoet Newsletters <2.6.7 - Auth Bypass

Previous Page 137 of 175 Next

Details

Vulnerabilities 4,372

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy