Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-290

CWE-290

Authentication Bypass by Spoofing

Parent: CWE-1390 - Weak Authentication

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

578 vulnerabilities with CWE-290

CVE-2020-7327 MEDIUM

McAfee MVISION Endpoint Detection and Response Client < 3.2.0 - Authentication Bypass via Windows Service Manipulation

CVE-2020-7326 MEDIUM

McAfee Active Response < 2.4.4 - Authentication Bypass via Windows Service Manipulation

CVE-2020-16250 HIGH

HashiCorp Vault 0.7.1-1.2.4 - Authentication Bypass via AWS IAM Auth Method

CVE-2020-5415 CRITICAL

Concourse <6.3.1, 6.4.1 - Info Disclosure

CVE-2020-2033 MEDIUM

GlobalProtect 5.0.0-5.0.9 - Authentication Bypass via ARP Spoofing

CVE-2020-1331 MEDIUM

System Center Operations Manager - Spoofing via Web Request

CVE-2020-1329 MEDIUM

Microsoft Bing Search for Android - Spoofing via HTML Content

CVE-2020-10136 MEDIUM

Cisco NX-OS - Authentication Bypass by Spoofing via IP-in-IP Packet Handling

CVE-2020-10135 MEDIUM

Bluetooth BR/EDR Core Specification <5.2 - Auth Bypass

CVE-2020-2002 HIGH

PAN-OS 7.1.0-7.1.25 - Authentication Bypass via Kerberos KDC Spoofing

CVE-2020-4421 MEDIUM

IBM WebSphere Application Liberty 19.0.0.5-20.0.0.4 - Authenticated Identity Spoofing via OpenID Connect

CVE-2020-11015 HIGH

thinx-device-api <2.5.0 - Info Disclosure

CVE-2020-12272 MEDIUM

OpenDMARC < 1.3.2 - Authentication Bypass by Spoofing via SPF/DKIM Parsing

CVE-2020-4290 MEDIUM

IBM Security Information Queue 1.0.0-1.0.5 - Authenticated Configuration Owner Spoofing

CVE-2020-6810 MEDIUM

Firefox < 74.0 - Authentication Bypass by Spoofing via Fullscreen Mode Popup

CVE-2020-6808 MEDIUM

Firefox < 74.0 - Authentication Bypass by Spoofing via JavaScript URL Evaluation

CVE-2020-10807 MEDIUM

Caldera < 2.6.5 - Authentication Bypass via HTTP Host Header Spoofing

CVE-2019-25023 MEDIUM

Scytl sVote 2.1 - IP Address Spoofing via X-Forwarded-For Header

CVE-2019-18991 MEDIUM

Atheros AR9132/AR9283/AR9285 - Auth Bypass

CVE-2019-18990 MEDIUM

Realtek RTL8812AR 1.21WW - Auth Bypass

CVE-2019-18989 MEDIUM

Mediatek MT7620N 1.06 - Auth Bypass

CVE-2019-20790 CRITICAL

OpenDMARC <= 1.3.2 and 1.4.x - Authentication Bypass via HELO/MAIL FROM Inconsistency

CVE-2019-12131 CRITICAL

ONAP APPC and SDC 3.0.0-4.0.0 - Unauthenticated Authentication Bypass via USER_ID Header Spoofing

CVE-2019-11189 HIGH

ONOS < 2.0.0 - Authentication Bypass via Gratuitous ARP Reply

CVE-2019-20203 MEDIUM

Postie < 1.9.40 - Authentication Bypass via Email From Address Spoofing

Previous Page 21 of 24 Next

Details

Vulnerabilities 578

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy