CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,372 vulnerabilities with CWE-287
CVE-2020-8994 MEDIUM
XIAOMI AI Speaker MDZ-25-DT Firmware 1.34.36 and 1.40.14 - Unauthenticated Root Shell Access via UART Interface
CVSS 6.8
CVE-2020-8664 MEDIUM
CNCF Envoy <1.13.0 - Privilege Escalation
CVSS 5.3
CVE-2020-5536 HIGH
OpenBlocks IoT VX2 <4.0.0 - Auth Bypass
CVSS 8.8
CVE-2020-3923 HIGH
TONNET TAT-76 and TAT-77 Series DVR Firmware - Improper Authentication via Default Password
CVSS 8.1
CVE-2020-8862 HIGH
D-Link DAP-2610 Firmware v2.01RC067 - Auth Bypass
CVSS 8.8
CVE-2020-8861 HIGH
D-Link DAP-1330 1.10B01 BETA - Auth Bypass
CVSS 8.8
CVE-2020-3944 HIGH
vRealize Operations for Horizon Adapter <6.7.1 & 6.6.1 - Auth Bypass
CVSS 8.6
CVE-2020-1842 MEDIUM
Huawei HEGE-560 <1.0.1.20(SP2), OSCA-550, OSCA-550A, OSCA-550AX, OS...
CVSS 6.8
CVE-2020-1812 HIGH
HUAWEI P30 <10.0.0.173(C00E73R1P11) - Auth Bypass
CVSS 7.8
CVE-2020-1789 MEDIUM
Huawei OSCA-550 - Insufficient Authentication
CVSS 6.8
CVE-2020-5532 MEDIUM
ilbo App <1.1.8-1.2.01 - Auth Bypass
CVSS 4.3
CVE-2020-8953 CRITICAL
OpenVPN Access Server 2.8.0-2.8.1 - LDAP Authentication Bypass
CVSS 9.8
CVE-2020-8595 HIGH
Istio <1.2.10-1.3.7-1.4.3 - Auth Bypass
CVSS 7.3
CVE-2020-0688 HIGH KEV
Microsoft Exchange Server - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2020-8771 CRITICAL
Time Capsule <1.21.16 - Auth Bypass
CVSS 9.8
CVE-2020-8591 CRITICAL
eG Manager 7.1.2 - Authentication Bypass via EgLoginServlet Request
CVSS 9.8
CVE-2020-8510 CRITICAL
phpABook 0.9 Intermediate - Auth Bypass
CVSS 9.8
CVE-2020-5206 HIGH
Opencast < 7.6 - Improper Authentication via Remember-Me Cookie
CVSS 8.7
CVE-2020-5224 MEDIUM
django-user-sessions < 1.7.1 - Session Takeover via Exposed Session Key
CVSS 6.5
CVE-2020-1788 MEDIUM
Honor V30 <10.0.1.135(C00E130R4P1 - Auth Bypass
CVSS 5.5
CVE-2020-1840 MEDIUM
HUAWEI Mate 20 <10.0.0.175 - Privilege Escalation
CVSS 6.0
CVE-2020-7222 MEDIUM
Amcrest Web Server 2.520.AC00.18.R - Unauthenticated Authentication Bypass via Result Parameter Manipulation
CVSS 5.3
CVE-2020-1786 MEDIUM
HUAWEI Mate 20 Pro <10.0.0.175(C00E69R3P8 - Auth Bypass
CVSS 4.6
CVE-2020-1787 MEDIUM
HUAWEI Mate 20 <9.1.0.139(C00E133R3P1 - Privilege Escalation
CVSS 6.6
CVE-2019-6198 HIGH
Lenovo PCManager < 2.8.90.11211 - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 4,372
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits