CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,377 vulnerabilities with CWE-287
CVE-2008-0466
Web Wiz Rich Text Editor 4.0, Forums 9.07, Newspad 1.02 - Unauthenticated Directory Listing & File Read
CVE-2008-0403
Belkin F5D9230-4 - Unauthenticated Configuration Access via SaveCfgFile.cgi
CVE-2008-0391
aliTalk 1.9.1.1 - Unauthenticated Arbitrary User Account Creation via lilil Parameter
CVE-2008-0377
MicroNews - Unauthenticated Authentication Bypass via Direct Admin.php Request
CVE-2008-0351
evilsentinel < 1.0.9 - Unauthenticated CAPTCHA Bypass via Omitted es_security_captcha Parameter
CVE-2008-0330
Radiator < 3.17.1 - Denial of Service via Malformed RADIUS Requests
CVE-2008-0229
LevelOne WBR-3460A - Unauthenticated Administrative Access via Telnet Service
CVE-2008-0210
Uebimiau Webmail 2.7.10 and 2.7.2 - Unauthenticated Authentication Bypass via sess[auth] Parameter
CVE-2008-0150
Aruba Mobility Controller < 2.4.8.11-fips - Unauthenticated LDAP Authentication Bypass
CVE-2007-6760 CRITICAL
Dataprobe iBootBar <2007-09-20 - Auth Bypass
CVSS 9.8
CVE-2007-6759 CRITICAL
Dataprobe iBootBar < 2007-09-20 - Unauthenticated Authentication Bypass via DCRABBIT Cookie
CVSS 9.8
CVE-2007-6737
pyftpdlib < 0.2.0 - Improper Authentication via Invalid Username Handling
CVE-2007-6714
DBMail < 2.2.9 - Unauthenticated Authentication Bypass via Empty LDAP Password
CVE-2007-6601
PostgreSQL 7.3.0-7.3.20, 7.4.0-7.4.18, 8.0.0-8.0.14, 8.1.0-8.1.10, 8.2.0-8.2.5 - Privilege Escalation via DBLink Module
CVE-2007-6430
Asterisk Open Source <1.2.26 & 1.4.x <1.4.16 - Auth Bypass
CVE-2007-5855
Mail in Apple Mac OS X <10.4.11 & 10.5.1 - Info Disclosure
CVE-2007-5862
Java in Mac OS X <10.4.11 - Auth Bypass
CVE-2007-6398
Flat PHP Board < 1.2 - Unauthenticated Authentication Bypass via fpb_username Cookie
CVE-2007-6384
BEA WebLogic Mobility Server <3.6 - Info Disclosure
CVE-2007-6385
Kerio WinRoute Firewall <6.4.1 - Info Disclosure
CVE-2007-6226
APC OAS 3.5.6 and Switched Rack PDU Firmware 3.5.5 - Improper Authentication
CVE-2007-6234
FTP Admin 0.1.0 - Unauthenticated Authentication Bypass via Loggedin Parameter
CVE-2007-6237
DeluxeBB 1.09 - Authenticated Profile Update via Membercookie Parameter Manipulation
CVE-2007-6145
Hitachi JP1/File Transmission Server/FTP - Auth Bypass
CVE-2007-6130
gnump3d 2.9final - Unauthenticated Access Bypass via Plugin Password Protection