The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.
138 vulnerabilities with CWE-305
CVE-2023-27535
MEDIUM
Haxx Libcurl < 7.88.1 - Authentication Bypass
CVSS 5.9
CVE-2023-27582
CRITICAL
Maddy < 0.6.3 - Authentication Bypass
CVSS 9.1
CVE-2023-1307
CRITICAL
Froxlor < 2.0.13 - Authentication Bypass
CVSS 9.8
CVE-2023-0777
CRITICAL
Modoboa < 2.0.4 - Authentication Bypass
CVSS 9.8
CVE-2022-48470
MEDIUM
Huawei Hilink AI Life - Authentication Bypass
CVSS 4.0
CVE-2022-40723
MEDIUM
PingID RADIUS PCV - Auth Bypass
CVSS 6.5
CVE-2022-3100
MEDIUM
OpenStack Barbican - Auth Bypass
CVSS 5.9
CVE-2022-4722
HIGH
Ikus-soft Rdiffweb < 2.5.5 - Authentication Bypass
CVSS 7.2
CVE-2022-39245
HIGH
Mist <0.9.5 - Command Injection
CVSS 8.4
CVE-2022-38700
HIGH
OpenHarmony <v3.1.1 - Privilege Escalation
CVSS 8.8
CVE-2022-38081
MEDIUM
OpenHarmony <v3.1.2 - Privilege Escalation
CVSS 6.2
CVE-2022-38064
MEDIUM
OpenHarmony <v3.1.2 - Privilege Escalation
CVSS 6.2
CVE-2022-2651
CRITICAL
bookwyrm-social/bookwyrm <0.4.5 - Auth Bypass
CVSS 9.8
CVE-2022-0547
CRITICAL
OpenVPN <2.4.13 or 2.5.7 - Auth Bypass
CVSS 9.8
CVE-2022-23729
HIGH
LG Device - Privilege Escalation
CVSS 7.8
CVE-2022-0451
MEDIUM
Dart SDK <2.16.0 - Info Disclosure
CVSS 6.5
CVE-2021-26102
CRITICAL
Fortinet Fortiwan < 4.5.8 - Path Traversal
CVSS 9.8
CVE-2021-45031
HIGH
MEPSAN USC+ <3.0 - Privilege Escalation
CVSS 7.7
CVE-2021-26726
HIGH
Valmet Dna < 2021 - Remote Code Execution
CVSS 8.8
CVE-2021-28503
HIGH
Arista EOS - Privilege Escalation
CVSS 7.4
CVE-2021-3850
CRITICAL
adodb/adodb <5.20.21 - Auth Bypass
CVSS 9.1
CVE-2021-43175
HIGH
GOautodial < commit 3c3a979 - Auth Bypass
CVSS 7.5
CVE-2021-3547
HIGH
OpenVPN 3 Core Library <3.6.1 - Auth Bypass
CVSS 7.4
CVE-2021-21403
HIGH
Kongchuanhujiao < 1.3.21 - Authentication Bypass
CVSS 7.5
CVE-2020-15077
MEDIUM
OpenVPN Access Server <2.8.7 - Auth Bypass
CVSS 5.3
Details
Vulnerabilities
138