CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,374 vulnerabilities with CWE-287
CVE-2013-2820
Sierra Wireless AirLink Raven X EV-DO - RCE
CVE-2013-7239
memcached < 1.4.17 - Authentication Bypass via Invalid SASL Request
CVE-2013-7292
VASCO IDENTIKEY IAS 3.4.x - Auth Bypass
CVE-2013-5009
Symantec SEP <11.0.7.4-12.1.2 RU2 - Privilege Escalation
CVE-2013-7282
Nisuta NS-WIR150NE/NS-WIR300N - Auth Bypass
CVE-2013-5038
HOT HOTBOX Router Firmware 2.1.11 - Authentication Bypass via Source IP Reuse
CVE-2013-6006
Cybozu Garoon 3.5-3.7 SP2 - Authentication Bypass via Modified User ID
CVE-2013-6979
Cisco IOS XE 03.02.xxSE and 03.03.xxSE - Unauthenticated Authentication Bypass via 192.168.x.2 Source IP
CVE-2013-6890
Debian Linux - Authentication Bypass
CVE-2013-6439
Red Hat Subscription Asset Manager 1.0-1.3 - Improper Authentication
CVE-2013-5413
IBM Sterling B2B Integrator <5.2 - Auth Bypass
CVE-2013-5426
IBM InfoSphere <10.1.5, 11.0 - Session Fixation
CVE-2013-4001
IBM Cognos Command Center < 10.2 - Session Fixation via Authorization Cookie
CVE-2013-1364
Zabbix < 1.8.16 and 2.x < 2.0.5rc1 - Improper Authentication via LDAP Configuration Override
CVE-2013-7093
SAP Network Interface Router 39.3 SP4 - Authentication Bypass
CVE-2013-6171
Dovecot < 2.2.7 - Authentication Bypass via checkpassword-reply Descriptor Manipulation
CVE-2013-6920
Siemens SINAMICS S/G Family Firmware < 4.6 - Unauthenticated FTP and TELNET Access
CVE-2013-6634
Google Chrome < 31.0.1650.63 - Session Fixation via OneClickSigninHelper Realm Validation
CVE-2013-6859
SAP Sybase ASE <15.0.3 ESD#4.3/15.5<ESD#5.3/15.7<SP50/SP100 Privilege Escalation
CVE-2013-6828
PineApp Mail-SeCure - Unauthenticated Authentication Bypass via it Parameter
CVE-2013-4435
SaltStack Salt 0.15.0-0.17.0 - Authenticated Routine Execution Bypass via Embedded Routine
CVE-2013-6347
Novell ZENworks Configuration Management < 11.2.4 - Session Fixation
CVE-2013-6012
Juniper Junos 12.1X44-12.1.X44-D20 and 12.1X45-12.1X45-D15 - Authentication Bypass via Configuration Validation Error
CVE-2013-2102
Red Hat JBoss Enterprise Portal Platform < 6.0.0 - Sensitive Information Exposure via JGroups
CVE-2013-4965
Puppet Enterprise <3.1.0 - Auth Bypass
Details
Vulnerabilities 4,374
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits