Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-287

CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,376 vulnerabilities with CWE-287

Asterisk Open Source <10.3.1 - Command Injection

Siemens Scalance S S602/S612/S613 V2 < 2.3.0.3 - Unauthenticated Brute-Force via Web Server

Koyo ECOM Ethernet Module - Unauthenticated Improper Authentication

Koyo ECOM Ethernet Module - Improper Authentication via Short Password Length

AjaXplorer 3.2.x < 3.2.5 and 4.0.x < 4.0.4 - Improper Authentication via Cookie Handling

LG-Nortel ELO GS24M Switch - Unauthenticated Authentication Bypass via Direct Configuration Page Access

EMC RSA enVision <4.1.4 - Auth Bypass

easyvista < 2010 - Authentication Bypass via SSO URL Parameter Manipulation

Advantech WebAccess < 7.0 - Unauthenticated Remote Code Execution via GbScriptAddUp.asp

Advantech WebAccess < 7.0 - Unauthenticated Administrative Password Change via uaddUpAdmin.asp

CVE-2012-0931 CRITICAL

Schneider Electric Modicon Quantum PLC - DoS/RCE

CVE-2011-2054 MEDIUM

Cisco ASA 5500 Series - Improper Authentication via Blank LDAP Password Bypass

CVE-2011-4338 HIGH

Shaman 1.0.9 - Privilege Escalation

CVE-2011-4628 CRITICAL

TYPO3 < 4.3.12, 4.4.x < 4.4.9, 4.5.x < 4.5.4 - Authentication Bypass

CVE-2011-4973 CRITICAL

mod_nss 1.0.8 - Authentication Bypass via Hardcoded Password

CVE-2011-4068 CRITICAL

packetfence < 3.0.1 - Unauthenticated Authentication Bypass via Empty Password

libnet6 <1.3.14 - Info Disclosure

thegr dl 0.3-0.9 - Unauthenticated Arbitrary User Login via Authorization Header

JBoss Enterprise Application Platform <5.1.2 - Auth Bypass

McAfee Firewall Reporter < 5.1.0.6 - Improper Authentication via Cookie Handling

Moodle 2.0.x < 2.0.6 and 2.1.x < 2.1.3 - Authenticated Access Restriction Bypass via Webservice Login

qemu < 0.11.0 - Unauthenticated VNC Authentication Bypass

grboard 1.8.6.5 - Unauthenticated Database Modification via Multiple Scripts

Apache Qpid 0.12 - Improper Authentication during Cluster Join

Cisco Intrusion Prevention System 7.0 and 7.1 - Denial of Service via Authentication Attempt Exhaustion

Previous Page 151 of 176 Next

Details

Vulnerabilities 4,376

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy