Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-287

CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,374 vulnerabilities with CWE-287

Cisco Video Surveillance Manager < 7.0.0 - Unauthenticated Sensitive Information Exposure

Cybozu Office < 9.1.0 - Unauthenticated Authentication Bypass via Login URL

Verizon Wireless Network Extender - Info Disclosure

Verizon Wireless Network Extender SCS-2U01 - Privilege Escalation

Verizon Wireless Network Extender - Unauthenticated Root Access via HDMI Cable

HP Integrated Lights-Out BMC - Unauthenticated Authentication Bypass via Cipher Zero

Dell iDRAC6 <1.92 and iDRAC7 <1.23.23 - Auth Bypass

Supermicro BMC - Unauthenticated IPMI Command Execution via Cipher Zero

Choice Wireless WIXFMR-111 - Information Disclosure via Ajax wmxState or netState Request

Choice Wireless Green Packet WIXFMR-111 - RCE

SoftBank Wi-Fi Spot Configuration Software - Improper Authentication

Cisco WebEx Meetings Server - Info Disclosure

Mac OS X < 10.8.4 - Unauthenticated Denial of Service via FileVault Disable Command

Apache Tomcat 6.0.21-6.0.36 and 7.x < 7.0.33 - Session Fixation via Form Authentication

LOCKON EC-CUBE 2.11.0-2.12.3enP2 - Session Fixation

Cisco NX-OS - Improper Authentication via Spoofed STUN Packets or Crafted VMware ESXi Instance

Cisco NX-OS - Improper Authentication in VSM/VEM Communication

IBM InfoSphere Optim Data Growth - Auth Bypass

OpenStack Keystone Folsom <= 2012.2.4, Grizzly < 2013.1.1, Havana - Improper Authentication Token Revocation via v2 API

Cisco Secure ACS - Session Fixation

Cisco Unified Communications Manager - Denial of Service via Authentication Attempt Rate Limiting Bypass

Microsoft .NET Framework 4.5 - Authentication Bypass via WCF Endpoint

EMC Webtop <6.7 SP2 - Session Fixation

IBM Sterling Multi-Channel Fulfillment Solution & Selling and Fulfillment Foundation - Improper Authentication

Cisco IOS ISM Module - Denial of Service via Malformed Authentication-Header Packets

Previous Page 145 of 175 Next

Details

Vulnerabilities 4,374

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy