CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,376 vulnerabilities with CWE-287
CVE-2008-3703
Symantec Veritas Storage Foundation <5.1 - RCE
CVE-2008-3579
Calacode @Mail 5.41 - Info Disclosure
CVE-2008-3503
Plain Black WebGUI <7.5.13 - Info Disclosure
CVE-2008-3504
mask PHP File Manager <2.3 - Info Disclosure
CVE-2008-3425
Sun Java System Web Server 7.0 - Privilege Escalation
CVE-2008-3428
phpfreechat 1.1 - Session Fixation via session_id Parameter
CVE-2008-3411
Axesstel AXW-D800 - Info Disclosure
CVE-2008-3407
phpLinkat 0.1 - Unauthenticated Authentication Bypass via login=right Cookie
CVE-2008-3375
JamRoom < 3.4.0 - Unauthenticated Authentication Bypass via Serialized Cookie
CVE-2008-3317
Maian Search < 1.1 - Unauthenticated Authentication Bypass via search_cookie
CVE-2008-3318
Maian Weblog < 3.1 - Unauthenticated Authentication Bypass via weblog_cookie
CVE-2008-3319
Maian Links < 3.1 - Unauthenticated Authentication Bypass via links_cookie
CVE-2008-3320
Maian Guestbook < 3.2 - Unauthenticated Authentication Bypass via gbook_cookie
CVE-2008-3321
Maian Uploader < 4.0 - Unauthenticated Authentication Bypass via uploader_cookie
CVE-2008-3322
Maian Recipe < 1.2 - Unauthenticated Authentication Bypass via recipe_cookie
CVE-2008-3299
eSyndiCat 1.6 - Unauthenticated Authentication Bypass via admin_lng Cookie
CVE-2008-3292
EZWebAlbum 1.0 - Unauthenticated Authentication Bypass via photoalbumadmin Cookie
CVE-2008-3264
Asterisk Open Source <1.2.30,1.4.21.2 - DoS
CVE-2008-3211
Scripteen Free Image Hosting Script <1.2.1 - Auth Bypass
CVE-2008-3203
AuraCMS 2.2-2.2.2 - Unauthenticated Arbitrary Content Modification via id Parameter
CVE-2008-2801
Firefox < 2.0.0.14 and SeaMonkey < 1.1.9 - Remote Code Execution via JAR Archive JavaScript Injection
CVE-2008-3033
RSS-aggregator 1.0 - Unauthenticated Admin Function Access via admin/fonctions/ Directory
CVE-2008-2920
eztechhelp_ezcms < 1.2 - Unauthenticated Arbitrary File Manipulation via File Manager
CVE-2008-2730
Cisco Unified Communications Manager 5.x-5.1(3)/6.x-6.1(1) - Authentication Bypass via RIS Data Collector
CVE-2008-2879
Benja CMS 0.1 - Unauthenticated Admin Access
Details
Vulnerabilities 4,376
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits