CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,374 vulnerabilities with CWE-287
CVE-2014-0737
Cisco Unified IP Phone 7960G 9.2(1) - Unauthenticated Certificate Trust List Injection
CVE-2014-0733
Cisco Unified Communications Manager < 10.0(1) - Unauthenticated Information Disclosure via ELM Direct URL Access
CVE-2014-0732
Cisco Unified Communications Manager < 10.0(1) - Unauthenticated Information Disclosure via RTMT Direct URL Access
CVE-2014-0725
Cisco Unified Communications Manager - Unauthenticated Sensitive Information Exposure via WAR File Access
CVE-2014-0722
Cisco Unified Communications Manager - Denial of Service via log4jinit Web Application
CVE-2014-0015
libcurl 7.10.6-7.34.0 - Improper Authentication via NTLM Connection Reuse
CVE-2014-0674
Cisco Video Surveillance Operations Manager - Unauthenticated MySQL Database Access
CVE-2013-10004 MEDIUM
Telecomsoftware SAMwin Contact Center Suite 5.1 - Predictable Authentication via SAMwinLIBVB.dll Password Handler
CVSS 6.5
CVE-2013-4454 CRITICAL
WordPress Portable phpMyAdmin Plugin 1.4.1 - Authentication Bypass
CVSS 9.1
CVE-2013-6360 HIGH
TRENDnet TS-S402 Firmware - Unauthenticated Backdoor Telnet Access
CVSS 7.5
CVE-2013-2120 HIGH
KDE Paste Applet < 4.10.5 - Improper Authentication via Password Macro
CVSS 8.4
CVE-2013-5582 HIGH
Ammyy Admin < 3.2 - Improper Authentication via Fixed Memory Location
CVSS 7.8
CVE-2013-1359 CRITICAL
DELL SonicWALL Analyzer 7.0, GMS 4.1-7.0, UMA 5.1-7.0, ViewPoint 4.1-6.0 - Authentication Bypass
CVSS 9.8
CVE-2013-1360 CRITICAL
SonicWall GMS Analyzer UMA ViewPoint - Authentication Bypass via SGMS Interface
CVSS 9.8
CVE-2013-3096 MEDIUM
D-Link DIR865L v1.03 - Unauthenticated Hardware Linking
CVSS 5.9
CVE-2013-3091 CRITICAL
Belkin N300 F7D7301v1 - Auth Bypass
CVSS 9.8
CVE-2013-2681 CRITICAL
Cisco Linksys E4200 <1.0.05 Build 7 - Auth Bypass
CVSS 9.8
CVE-2013-7051 HIGH
D-Link DIR-100 Firmware 4.03B07 - Unauthenticated Authentication Bypass via cli.cgi
CVSS 8.8
CVE-2013-5116 HIGH
Evernote < 5.5.1 - Improper Authentication via Insecure Password Change
CVSS 7.1
CVE-2013-5114 MEDIUM
LastPass < 2.5.1 - Secure Wipe Bypass
CVSS 6.1
CVE-2013-5112 MEDIUM
Evernote < 5.5.1 - Improper Authentication via Insecure PIN Storage
CVSS 4.6
CVE-2013-3317 CRITICAL
Netgear WNR1000v3 <1.0.2.60 - Auth Bypass
CVSS 9.8
CVE-2013-3316 CRITICAL
Netgear WNR1000v3 <1.0.2.60 - Auth Bypass
CVSS 9.8
CVE-2013-3215 CRITICAL
vtiger CRM 5.1.0-5.4.0 - Authentication Bypass via Improper Session Validation
CVSS 9.8
CVE-2013-2569 HIGH
Zavio IP Cameras <1.6.3 - Auth Bypass
CVSS 7.5
Details
Vulnerabilities 4,374
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits