Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-287

CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,374 vulnerabilities with CWE-287

Cisco Identity Services Engine 1.x - Unauthenticated Authentication Bypass via Crafted TCP Session

Cisco ASA Software 8.2-9.1 Unauthenticated Authentication Bypass via ASDM

Cisco ASA <9.1(2.5) Unauthenticated LDAP Authentication Bypass

HP Intelligent Management Center and IMC Service Operation Management Software Module - Authentication Bypass

ASUS RT-N10E Firmware < 2.0.0.24 - Unauthenticated Administrator Password Exposure via QIS_finish.htm

Apple Mac OS X <10.8.5 - Auth Bypass

Siemens SCALANCE X-200 Series <4.5.0 & X-200IRT <5.1.0 - Unauthenticated Admin Access

Cisco Video Surveillance Operations Manager - Unauthenticated Video Feed Access via Crafted URL

Open-Xchange AppSuite <7.0.2-7.2.2 - Info Disclosure

Zimbra Collaboration Suite <6.0.16 - Info Disclosure

Django 1.4-1.4.8 1.5-1.5.4 1.6-1.6 beta 4 - Denial of Service via Long Password Hashing

Cisco Prime Central for Hosted Collaboration Solution Assurance < 9.1.1 - Credential Exposure

Cisco Intrusion Prevention System - Denial of Service via Crafted Management-Interface Connection Request

Dahua DVR - Unauthenticated Remote Access via UPnP Replay Attack

IBM Rational Requirements Composer <4.0.4 - Info Disclosure

IBM Rational Policy Tester 8.5 - Authenticated Authorization Bypass for Authentication Host Changes

Cisco Secure Access Control Server < 4.2.1.15.11 - Remote Code Execution via EAP-FAST Packet Parsing

Samsung Smart Viewer - Unauthenticated Authentication Bypass via SessionID Cookie

Puppet Enterprise <3.0.1 - Privilege Escalation

OpenStack Keystone >=2012.2 <2012.2.4 - Unauthenticated Authentication Bypass via Empty LDAP Password

NTT DOCOMO overseas usage 2.0.0-2.0.4 - Improper Authentication via Wi-Fi Connection

IBM WebSphere Commerce <6.0.0.11 & <7.0.0.7 - Auth Bypass

Red Hat Satellite 5.3-5.5 - Improper Authentication in Inter-Satellite Sync

Moodle <= 2.1.10, 2.2.x < 2.2.11, 2.3.x < 2.3.8, 2.4.x < 2.4.5, 2.5.x < 2.5.1 - Information Disclosure

Cisco Video Surveillance Manager < 7.0.0 - Unauthenticated Information Disclosure via VSMC Monitoring Pages

Previous Page 144 of 175 Next

Details

Vulnerabilities 4,374

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy