Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-287

CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,374 vulnerabilities with CWE-287

strongSwan 4.3.5-5.0.3 - Improper Authentication via Invalid ECDSA Signature

Cisco UCS <1.4(4)-2.0(2m - Auth Bypass

Novell iManager <2.7 - Info Disclosure

IBM WAS Liberty Profile <8.5.0.2 - Auth Bypass

Apache ActiveMQ <5.8.0 - Info Disclosure/DoS

JBoss Enterprise Portal Platform 5.2.2 - Improper Authentication in GateIn Portal Export/Import Gadget

OpenStack Keystone < 2012.1.3, 2012.1.x-2012.2.x, < 2013.1 - Improper Authentication via EC2-Style Authentication

Cisco FWSM <3.2(20.1)/4.0(15.2)/4.1(5.1) DoS via Auth-Proxy URL

Cisco ASA Software DoS via Crafted URL

BackupBuddy 1.3.4, 2.1.4, 2.2.25, 2.2.28, 2.2.4 - Unauthenticated Authentication Bypass via Step Parameter

BackupBuddy <2.2.28 - Info Disclosure

Novell ZENworks Configuration Management < 11.2.4 - Directory Traversal & Arbitrary File Upload

EMC Smarts Network Configuration Manager < 9.1 - Unauthenticated Remote Code Execution via Java RMI

Google Authenticator Login Module for Drupal 7.x - Unauthenticated Authentication Bypass

IBM Domino 8.5.x - Privilege Escalation

OpenStack Keystone Folsom 2012.2 - Improper Authentication via Revoked PKI Token Bypass

Apache CXF < 2.5.9, 2.6.x < 2.6.6, 2.7.x < 2.7.3 - Unauthenticated Authentication Bypass via Missing Password Element

Google Chrome <25.0.1364.152 - Auth Bypass

Cisco Unified Communications Manager <9.1(1) - DoS

VMware vCenter Server 4.0-4.1 and VirtualCenter 2.5 - Improper Authentication

Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution

Mozilla Firefox < 18.0 - Address Bar Spoofing via URL Userinfo Field

CVE-2013-0625 CRITICAL KEV

Adobe ColdFusion <9.0.2 - Auth Bypass

CVE-2012-10001 CRITICAL

WordPress Limit Login Attempts <1.7.1 - Info Disclosure

CVE-2012-6340 MEDIUM

NETGEAR WGR614 v7 and v9 - Improper Authentication via Hardcoded Serial Credential

Previous Page 146 of 175 Next

Details

Vulnerabilities 4,374

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy