CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,371 vulnerabilities with CWE-287
CVE-2020-8713 HIGH
Intel(R) Server <1.59 - Privilege Escalation
CVSS 8.8
CVE-2020-8709 HIGH
Intel(R) Server <2.45 - Privilege Escalation
CVSS 8.8
CVE-2020-8708 HIGH
Intel(R) Server <1.59 - Privilege Escalation
CVSS 8.8
CVE-2020-13290 HIGH
GitLab <13.0.12-13.2.3 - Info Disclosure
CVSS 7.5
CVE-2020-13292 CRITICAL
GitLab <13.0.12-13.2.3 - Auth Bypass
CVSS 9.6
CVE-2020-15063 HIGH
DIGITUS DA-70254 2.073.000.E0008 - Unauthenticated Authentication Bypass via Missing Password Parameter
CVSS 8.8
CVE-2020-15059 HIGH
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 - Authentication Bypass via Missing Password
CVSS 8.8
CVE-2020-15055 HIGH
TP-Link USB Network Server TL-PS310U <2.079.000.t0210 - Auth Bypass
CVSS 8.8
CVE-2020-16169 CRITICAL
temi Robox OS < 119.24 - Authentication Bypass via Alternate Path
CVSS 9.8
CVE-2020-15136 MEDIUM
ectd <3.4.10, <3.3.23 - Info Disclosure
CVSS 6.5
CVE-2020-13365 HIGH
Zyxel Products - Privilege Escalation
CVSS 8.8
CVE-2020-5608 CRITICAL
CAMS for HIS CENTUM CS 3000 - Auth Bypass
CVSS 9.8
CVE-2020-5616 CRITICAL
[Calendar01]-[Calendar02],[PKOBO-News01]-[PKOBO-vote01],[Telop01]-[...
CVSS 9.8
CVE-2020-8108 HIGH
Bitdefender Endpoint Security for Mac <4.12.80 - Privilege Escalation
CVSS 8.2
CVE-2020-5384 HIGH
RSA MFA Agent 2.0 - Unauthenticated Authentication Bypass via Alternate Path
CVSS 8.4
CVE-2020-14158 CRITICAL
ABUS Secvest Hybrid FUMO50110 Firmware - Authentication Bypass via RF Packet Manipulation
CVSS 9.1
CVE-2020-8206 HIGH
Pulse Connect Secure <9.1RB - Auth Bypass
CVSS 8.1
CVE-2020-16088 CRITICAL
OpenBSD < 6.7 - Authentication Bypass in OpenIKED Public Key Check
CVSS 9.8
CVE-2020-9077 LOW
HUAWEI P30 Firmware < 10.1.0.160(C00E160R2P11) - Information Exposure via Improper Interface Authentication
CVSS 3.3
CVE-2020-12812 CRITICAL KEV
FortiOS 6.4.0, 6.2.0-6.2.3, <6.0.10 - Improper Authentication via Username Case Variation
CVSS 9.8
CVE-2020-8207 HIGH
Citrix Workspace app <2006.1 - Privilege Escalation
CVSS 8.8
CVE-2020-15921 CRITICAL
Mida eFramework < 2.9.0 - Unauthenticated Backdoor Access and Code Execution
CVSS 9.8
CVE-2020-12638 MEDIUM
Espressif ESP-IDF <4.2 - Auth Bypass
CVSS 6.8
CVE-2020-10918 HIGH
C-MORE HMI EA9 Firmware <6.52 - Auth Bypass
CVSS 7.5
CVE-2020-15896 HIGH
D-Link DAP-1522 Firmware < 1.10b04Beta02 - Unauthenticated Authentication Bypass via NO_NEED_AUTH Parameter
CVSS 7.5
Details
Vulnerabilities 4,371
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits