CWE-305

Authentication Bypass by Primary Weakness

Parent: CWE-1390 - Weak Authentication

The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.

138 vulnerabilities with CWE-305
CVE-2020-15078 HIGH
OpenVPN <2.5.1 - Auth Bypass
CVSS 7.5
CVE-2020-14359 HIGH
Keycloak Gatekeeper - Auth Bypass
CVSS 7.3
CVE-2020-24683 CRITICAL
S+ Operations <2.1 SP1 - Auth Bypass
CVSS 9.8
CVE-2020-15787 CRITICAL
SIMATIC HMI Unified Comfort Panels <= V16 - Info Disclosure
CVSS 9.8
CVE-2020-10126 HIGH
NCR SelfServ ATMs APTRA XFS 05.01.00 - Code Injection
CVSS 7.6
CVE-2020-10123 MEDIUM
NCR SelfSev APTRA XFS <05.01.00 - Privilege Escalation
CVSS 5.3
CVE-2020-10923 HIGH
NETGEAR R6700 V1.0.4.84_10.0.58 - Auth Bypass
CVSS 8.8
CVE-2020-11012 CRITICAL
MinIO <RELEASE.2020-04-23T00-58-49Z - Auth Bypass
CVSS 9.3
CVE-2019-14910 CRITICAL
Keycloak 7.x - Auth Bypass
CVSS 9.8
CVE-2019-14909 HIGH
Keycloak 7.x - Auth Bypass
CVSS 8.3
CVE-2019-14833 MEDIUM
Samba <4.9.15, 4.10.10, 4.11.2 - Info Disclosure
CVSS 5.4
CVE-2019-0042 MEDIUM
Juniper Identity Management Service < 1.1.4 - Denial of Service
CVSS 4.2
CVE-2019-3878 HIGH
mod_auth_mellon <0.14.2 - Auth Bypass
CVSS 8.1
Details
Vulnerabilities 138
Links
MITRE CWE Entry Search this CWE With Exploits