Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-287 (认证机制不恰当) — Vulnerability Class 1187

1187 vulnerabilities classified as CWE-287 (认证机制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-0799 Authentication Bypass via wizardLogin in Arcserve Unified Data Protection — Unified Data Protection 9.8 Critical2024-03-13
CVE-2024-21427 Windows Kerberos Security Feature Bypass Vulnerability — Windows Server 2019 7.5 High2024-03-12
CVE-2024-21390 Microsoft Authenticator Elevation of Privilege Vulnerability — Microsoft Authenticator 7.1 High2024-03-12
CVE-2023-46717 Fortinet FortiOS 授权问题漏洞 — FortiOS 6.7 High2024-03-12
CVE-2024-21899 QTS, QuTS hero, QuTScloud — QTS 9.8 Critical2024-03-08
CVE-2023-46172 IBM DS8900F security bypass — DS8900F 5.6 Medium2024-03-07
CVE-2023-42662 JFrog Artifactory Improper SSO Mechanism may lead to Exposure of Access Tokens — Artifactory 9.3 Critical2024-03-07
CVE-2024-27923 Remote Code Execution by uploading a phar file using frontmatter — grav 8.8 High2024-03-06
CVE-2023-48703 SAML authentication bypass vulnerability in RobotsAndPencils/go-saml — go-saml 7.5 High2024-03-06
CVE-2024-20301 Cisco Duo 安全漏洞 — Cisco Duo 6.2 Medium2024-03-06
CVE-2023-38372 IBM Watson IoT Platform information disclosure — Watson IoT Platform 5.9 Medium2024-02-29
CVE-2024-25128 Flask-AppBuilder incorrect authentication when using auth type OpenID — Flask-AppBuilder 9.1 Critical2024-02-28
CVE-2024-22395 SonicWALL SMA100 授权问题漏洞 — SMA100 6.3 Medium2024-02-23
CVE-2024-1817 Demososo DM Enterprise Website Building System Cookie indexDM_load.php dmlogin improper authentication — DM Enterprise Website Building System 7.3 High2024-02-23
CVE-2024-22245 Arbitrary Authentication Relay Vulnerability in Deprecated EAP Browser Plugin — VMware Enhanced Authentication Plug-in (EAP) 9.6 Critical2024-02-20
CVE-2022-41737 IBM Spectrum Scale security bypass — Storage Scale Container Native Storage Access 7.1 High2024-02-17
CVE-2022-41738 IBM Spectrum Scale security bypass — Storage Scale Container Native Storage Access 7.5 High2024-02-17
CVE-2024-20738 Adobe FrameMaker Publishing Server Authentication Bypass Vulnerability | CVE-2023-44324 bypass — Adobe Framemaker Publishing Server 9.8 Critical2024-02-15
CVE-2024-25618 External OpenID Connect Account Takeover by E-Mail Change in mastodon — mastodon 4.2 Medium2024-02-14
CVE-2024-0568 Schneider Electric Harmony Control Relay 授权问题漏洞 — Harmony Control Relay RMNF22TB30 8.8 High2024-02-14
CVE-2024-21410 Microsoft Exchange Server Elevation of Privilege Vulnerability — Microsoft Exchange Server 2016 Cumulative Update 23 9.8 Critical2024-02-13
CVE-2024-23813 Siemens Polarion ALM 授权问题漏洞 — Polarion ALM 7.3 High2024-02-13
CVE-2024-22394 SonicWALL SonicOS 授权问题漏洞 — SonicOS 9.8 -2024-02-08
CVE-2023-39196 Apache Ozone: Missing mutual TLS authentication in one of the service internal Ozone Storage Container Manager endpoints — Apache Ozone 5.3 Medium2024-02-07
CVE-2023-39303 QTS, QuTS hero, QuTScloud — QTS 5.3 Medium2024-02-02
CVE-2024-23637 OctoPrint Unverified Password Change via Access Control Settings — OctoPrint 4.2 Medium2024-01-31
CVE-2024-23647 PKCE downgrade attack in Authentik — authentik 6.5 Medium2024-01-30
CVE-2024-1006 Shanxi Diankeyun Technology NODERP Cookie common.php improper authentication — NODERP 7.3 High2024-01-29
CVE-2024-23792 Insufficient access control — OTRS 5.3 Medium2024-01-29
CVE-2024-0988 Sichuan Yougou Technology KuERP common.php checklogin improper authentication — KuERP 6.3 Medium2024-01-29

Vulnerabilities classified as CWE-287 (认证机制不恰当) represent 1187 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.