Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-287

CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,374 vulnerabilities with CWE-287

CVE-2012-6451 CRITICAL

Lorex LNC116 and LNC104 Firmware < 030312 - Unauthenticated Authentication Bypass

CVE-2012-3824 HIGH

Campaign Enterprise < 11.0.551 - Unauthenticated Improper Authentication

CVE-2012-2714 CRITICAL

Drupal BrowserID <7.x-1.3 - Auth Bypass

CVE-2012-1258 MEDIUM

Scrutinizer NetFlow & sFlow Analyzer < 9.0.1.19899 - Unauthenticated Privilege Escalation via User Preferences CGI

CVE-2012-3462 HIGH

SSSD 1.9.0 - Improper Authentication via HBAC Rule Bypass

CVE-2012-6710 CRITICAL

eXtplorer < 2.1.2 - Unauthenticated Authentication Bypass via Empty Password Array

CVE-2012-0803 CRITICAL

Apache CXF 2.4.5 and 2.5.1 - Unauthenticated Authentication Bypass via Empty UsernameToken

Axway Secure Messenger < 6.5 Updated Release 7 - User Enumeration via Authentication Response Timing

Cisco IOS < 15.1(1)SY3 - Unauthenticated VPN Traffic Manipulation via Flex-VPN Load-Balancing

Cisco IOS < 15.1(1)SY3 - Denial of Service via HTTP Session Termination Issue

Puppet Enterprise <2.6.1 - Privilege Escalation

Red Hat JBoss Operations Network (JON) <3.0.1-2.4.2 - Auth Bypass

Red Hat JBoss Operations Network < 2.4.2 and 3.0.x < 3.0.1 - Unauthenticated Session Hijack via Agent Registration

Cisco Unified Computing System - Authentication Bypass via SSH Port Forwarding

PAN-OS < 3.1.12, 4.0.x < 4.0.10, 4.1.x < 4.1.4 - Unauthenticated Authentication Bypass

Apache Qpid < 0.20 - Unauthenticated Authentication Bypass via AMQP Federation Tag

Apache CXF <2.5.8, <2.6.5, <2.7.2 - Auth Bypass

Eucalyptus < 3.2.0 - Improper Authentication in Walrus Internal Message Protocol

BigAntSoft BigAnt IM Message Server - Unauthenticated Arbitrary File Write via File Upload

IBM WebSphere Message Broker 6.1-7.0 - Improper Authentication

IBM Netezza WebAdmin 6.0.5 6.0.8 7.0 - Unauthenticated Credential Exposure via Network Sniffing

IBM SAN Volume Controller and Storwize V7000 < 6.4.1.3 - Unauthenticated Authentication Bypass

JBoss EAP < 5.2.0 - Unauthenticated Remote Code Execution via JMX/EJB Invoker

IBM InfoSphere Information Server 8.1, 8.5-8.7 - Authenticated Privilege Escalation

CVE-2012-6440 MEDIUM

Rockwell Automation ControlLogix/CompactLogix - Improper Web Server Authentication

Previous Page 147 of 175 Next

Details

Vulnerabilities 4,374

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy