CWE-303

Incorrect Implementation of Authentication Algorithm

Parent: CWE-1390 - Weak Authentication

The requirements for the product dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.

78 vulnerabilities with CWE-303
CVE-2023-32148 MEDIUM
Dlink Dir-2640 Firmware - Authentication Bypass
CVSS 6.5
CVE-2023-31211 HIGH
Checkmk <2.2.0p18-2.0.0p39 - Auth Bypass
CVSS 8.8
CVE-2023-4641 MEDIUM
shadow-utils - Info Disclosure
CVSS 4.7
CVE-2023-5627 HIGH
NPort 6000 Series - Privilege Escalation
CVSS 7.5
CVE-2023-39953 MEDIUM
user_oidc <1.3.3 - Man-in-the-Middle
CVSS 4.8
CVE-2023-3326 CRITICAL
pam_krb5 - Privilege Escalation
CVSS 9.8
CVE-2023-29357 CRITICAL KEV
Sharepoint Dynamic Proxy Generator Unauth RCE
CVSS 9.8
CVE-2023-29129 CRITICAL
Mendix SAML - Info Disclosure
CVSS 9.1
CVE-2023-25957 CRITICAL
Mendix Saml < 1.17.2 - Authentication Bypass
CVSS 9.1
CVE-2022-41985 HIGH
Weston-embedded Uc-ftps - Authentication Bypass
CVSS 8.6
CVE-2022-43635 MEDIUM
TP-Link TL-WR940N <6_211111 3.20.1(US) - Info Disclosure
CVSS 6.5
CVE-2022-4861 MEDIUM
M-Files Client <22.5.11356.0 - Privilege Escalation
CVSS 4.8
CVE-2022-46146 MEDIUM
Prometheus Exporter Toolkit <0.7.2-0.8.2 - Auth Bypass
CVSS 6.2
CVE-2022-39366 CRITICAL
Datahub < 0.8.45 - Authentication Bypass
CVSS 9.9
CVE-2022-20923 MEDIUM
Cisco Rv110w Firmware - Authentication Bypass
CVSS 4.0
CVE-2022-33736 HIGH
Opcenter Quality <V13.1.20220624-V13.2.20220624 - DoS
CVSS 7.5
CVE-2022-20695 CRITICAL
Cisco Wireless LAN Controller - Auth Bypass
CVSS 10.0
CVE-2021-42146 HIGH
Contiki-ng Tinydtls - Improper Exception Handling
CVSS 7.5
CVE-2021-21902 HIGH
Garrett IC Module Cma - Authentication Bypass
CVSS 8.1
CVE-2021-32691 HIGH
Apollos Apps <2.20.0 - Info Disclosure
CVSS 8.8
CVE-2021-21378 HIGH
Envoy - Authentication Bypass
CVSS 8.2
CVE-2020-15632 HIGH
D-Link DIR-842 3.13B05 - Auth Bypass
CVSS 8.8
CVE-2020-5268 MEDIUM
Sustainsys Saml2 < 1.0.2 - Authentication Bypass
CVSS 6.5
CVE-2020-8863 HIGH
D-Link DIR-867,DIR-878,DIR-882 <1.10B04 - Auth Bypass
CVSS 8.8
CVE-2020-8861 HIGH
D-Link DAP-1330 1.10B01 BETA - Auth Bypass
CVSS 8.8