CWE-354

Medium likelihood

Improper Validation of Integrity Check Value

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.

160 vulnerabilities with CWE-354
CVE-2017-18649 HIGH
Samsung N(7.x) - Privilege Escalation
CVSS 7.2
CVE-2017-3224 HIGH
Quagga - Denial of Service via Crafted OSPF LSA with MaxSequenceNumber
CVSS 8.2
CVE-2017-15994 CRITICAL
rsync 3.1.3-development - Info Disclosure
CVSS 9.8
CVE-2017-3760 HIGH
Lenovo Service Framework - Remote Code Execution via Man-in-the-Middle Attack
CVSS 8.1
CVE-2017-12973 LOW
Nimbus JOSE+JWT <4.39 - Info Disclosure
CVSS 3.1
CVE-2017-9498 MEDIUM
Motorola MX011ANM/XR11-20 - Local Privilege Escalation
CVSS 5.5
CVE-2017-9606 HIGH
Infotecs ViPNet Client and Coordinator <4.3.2-42442 - Privilege Escalation via Trojan Update
CVSS 7.3
CVE-2017-4961 HIGH
Cloud Foundry Foundation BOSH Release <261.3 - Privilege Escalation
CVSS 8.8
CVE-2016-15028 MEDIUM
ICEPAY REST-API-NET <1.0 - Improper Validation
CVSS 4.8
CVE-2012-1170 HIGH
Moodle <2.2.2 - Privilege Escalation
CVSS 7.5
Details
Vulnerabilities 160
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits