Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-287 (认证机制不恰当) — Vulnerability Class 1187

1187 vulnerabilities classified as CWE-287 (认证机制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-5329 Field Logic DataCube4 Web API improper authentication — DataCube4 4.3 Medium2023-10-02
CVE-2023-5328 SATO CL4NX-J Plus Cookie improper authentication — CL4NX-J Plus 6.3 Medium2023-10-01
CVE-2023-5326 SATO CL4NX-J Plus WebConfig improper authentication — CL4NX-J Plus 6.3 Medium2023-10-01
CVE-2023-43660 SSH key password bypassed in warpgate — warpgate 4.8 Medium2023-09-27
CVE-2023-42818 SSH public key login without private key challenge if mfa is enabled in jumpserver — jumpserver 5.4 Medium2023-09-27
CVE-2023-31015 NVIDIA DGX 授权问题漏洞 — DGX H100 BMC 6.6 Medium2023-09-20
CVE-2023-0773 Unauthorized Access Control Vulnerability in Uniview IP Camera — Uniview IP Camera IPC322LB-SF28-A 9.1 Critical2023-09-19
CVE-2023-42442 JumpServer session replays download without authentication — jumpserver 8.2 High2023-09-15
CVE-2023-4985 Supcon InPlant SCADA Project.xml improper authentication — InPlant SCADA 5.9 Medium2023-09-15
CVE-2023-4568 PaperCut NG Unauthenticated XMLRPC — PaperCut NG 6.5 Medium2023-09-13
CVE-2023-4501 Authentication bypass in OpenText (Micro Focus) Enterprise Server — Visual COBOL, COBOL Server, Enterprise Developer, Enterprise Server 9.8 Critical2023-09-12
CVE-2023-29463 Pavilion8 Security Misconfiguration Vulnerability — Pavilion8 8.8 High2023-09-12
CVE-2023-4816 Hitachi Energy Asset Suite 授权问题漏洞 — Asset Suite 9 6.9 Medium2023-09-11
CVE-2023-20238 Cisco BroadWorks Application 安全漏洞 — Cisco BroadWorks 10.0 Critical2023-09-06
CVE-2023-41751 Acronis Agent 授权问题漏洞 — Acronis Agent 7.5 -2023-08-31
CVE-2023-32202 Walchem Intuition Improper Authentication — Intuition 9 6.5 Medium2023-08-23
CVE-2023-4415 Ruijie RG-EW1200G login improper authentication — RG-EW1200G 7.3 High2023-08-18
CVE-2023-32453 Dell BIOS 授权问题漏洞 — CPG BIOS 4.6 Medium2023-08-16
CVE-2023-40020 Improper Authentication in PrivateUploader — PrivateUploader 9.9 Critical2023-08-14
CVE-2023-39531 Sentry vulnerable to incorrect credential validation on OAuth token requests — sentry 6.5 Medium2023-08-09
CVE-2023-4242 FULL - Customer <= 2.2.3 - Authenticated(Subscriber+) Information Disclosure via Health Check — FULL – Cliente 4.3 Medium2023-08-09
CVE-2023-38691 matrix-appservice-bridge doesn't verify the sub parameter of an openId token exhange, allowing unauthorized access to provisioning APIs — matrix-appservice-bridge 5.0 Medium2023-08-04
CVE-2023-20214 Cisco SD-WAN vManage 授权问题漏洞 — Cisco SD-WAN vManage 9.1 Critical2023-08-03
CVE-2023-3622 Access Control Bypass Vulnerability in the SolarWinds Platform — SolarWinds Platform 4.3 Medium2023-07-26
CVE-2023-2626 Authentication Bypass in OpenThread Boarder Router devices — Nest Hub Max 7.5 High2023-07-25
CVE-2023-37918 API token authentication bypass in HTTP endpoints in Dapr — dapr 6.8 Medium2023-07-21
CVE-2023-37471 User impersonation using SAMLv1.x SSO in Open Access Management — OpenAM 9.1 Critical2023-07-20
CVE-2023-3638 GeoVision GV-ADR2701 Improper Authentication — GV-ADR2701 9.8 Critical2023-07-19
CVE-2022-34155 WordPress OAuth Single Sign On – SSO (OAuth Client) Plugin <= 6.23.3 is vulnerable to Broken Authentication — OAuth Single Sign On – SSO (OAuth Client) 8.8 High2023-07-18
CVE-2023-37266 Weak json web token (JWT) secrets in CasaOS — CasaOS 9.8 Critical2023-07-17

Vulnerabilities classified as CWE-287 (认证机制不恰当) represent 1187 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.