CWE-287 (Improper Authentication) — Vulnerability Class 1187

1187 vulnerabilities classified as CWE-287 (Improper Authentication). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2023-3591 | Lack of previous password reset tokens on new token creation — Mattermost | 4.8 | Medium | 2023-07-17 |
| CVE-2023-35901 | IBM Robotic Process Automation security bypass — Robotic Process Automation | 2.7 | Low | 2023-07-16 |
| CVE-2023-37268 | User login confusion with SSO in warpgate — warpgate | 6.4 | Medium | 2023-07-14 |
| CVE-2023-30560 | PCU Configuration Lacks Authentication — BD Alaris™ Point-of-Care Unit (PCU) Model 8015 | 6.8 | Medium | 2023-07-13 |
| CVE-2023-31007 | Apache Pulsar: Broker does not always disconnect client when authentication data expires — Apache Pulsar | - | - | 2023-07-12 |
| CVE-2023-3127 | Improper Authentication in iSTAR — iSTAR Ultra | 7.5 | High | 2023-07-11 |
| CVE-2023-33190 | Improperly configured permissions in Sealos — sealos | 10.0 | Critical | 2023-06-29 |
| CVE-2023-20199 | Cisco Duo Two-Factor Authentication for macOS Authentication Bypass Vulnerability — Cisco Duo | 6.2 | Medium | 2023-06-28 |
| CVE-2023-30945 | CVE-2023-30945 — com.palantir.gotham:clips2 | 9.8 | Critical | 2023-06-26 |
| CVE-2023-35154 | Knowage-Server vulnerable to account validation bypass — Knowage-Server | 7.2 | High | 2023-06-23 |
| CVE-2023-28073 | Dell BIOS authorization issue vulnerability — CPG BIOS | 8.2 | High | 2023-06-23 |
| CVE-2023-34340 | Apache Accumulo: Accumulo 2.1.0 may incorrectly validate cached credentials — Apache Accumulo | 9.1 | - | 2023-06-21 |
| CVE-2023-3337 | PuneethReddyHC Online Shopping System Advanced Admin Registration reg.php improper authentication — Online Shopping System Advanced | 7.3 | High | 2023-06-20 |
| CVE-2023-2638 | Rockwell Automation FactoryTalk System Services Vulnerable to a Denial-of-Service Attack — FactoryTalk System Services | 5.9 | Medium | 2023-06-13 |
| CVE-2023-20867 | VMware Tools Authentication Bypass Vulnerability — VMware Tools | 3.9 | Low | 2023-06-13 |
| CVE-2023-34246 | Doorkeeper Improper Authentication vulnerability — doorkeeper | 4.2 | Medium | 2023-06-12 |
| CVE-2023-32682 | Improper checks for deactivated users during login in synapse — synapse | 5.4 | Medium | 2023-06-06 |
| CVE-2023-3065 | Mobatime mobile application - Authentication bypass — Mobatime mobile application AMXGT100 | 9.1 | Critical | 2023-06-05 |
| CVE-2023-2283 | libssh authorization issue vulnerability — libssh | 7.5 | - | 2023-05-26 |
| CVE-2023-2586 | Teltonika Remote Management System authorization issue vulnerability — Remote Management System | 9.0 | Critical | 2023-05-22 |
| CVE-2023-32347 | Teltonika Remote Management System authorization issue vulnerability — Remote Management System | 8.1 | High | 2023-05-22 |
| CVE-2023-2024 | Improper Authentication for OpenBlue Enterprise Manager Data Collector — OpenBlue Enterprise Manager Data Collector | 10.0 | Critical | 2023-05-18 |
| CVE-2023-0863 | Authentication to access the AC wallbox via its Bluetooth Low Energy (BLE) channel can be bypassed, — Terra AC wallbox (UL40/80A) | 8.8 | High | 2023-05-17 |
| CVE-2023-2706 | OTP Login Woocommerce & Gravity Forms <= 2.2 - Authentication Bypass to Privilege Escalation — OTP Login & Register Woocommerce | 8.1 | High | 2023-05-17 |
| CVE-2023-32081 | Vert.x STOMP server process client frames that would not send initially a connect frame — vertx-stomp | 6.5 | Medium | 2023-05-12 |
| CVE-2023-29032 | Apache OpenMeetings: allows bypass authentication — Apache OpenMeetings | 8.8 | - | 2023-05-12 |
| CVE-2023-32243 | WordPress Essential Addons for Elementor Plugin 5.4.0-5.7.1 is vulnerable to Privilege Escalation — Essential Addons for Elementor | 9.8 | Critical | 2023-05-12 |
| CVE-2023-28125 | Ivanti Avalanche race condition vulnerability — Avalanche | 9.8 | - | 2023-05-09 |
| CVE-2023-31123 | effectindex/tripreporter vulnerable to improper password verification on POST `/api/v1/account/login` — tripreporter | 9.1 | Critical | 2023-05-08 |
| CVE-2023-21487 | SAMSUNG Mobile devices authorization issue vulnerability — Samsung Mobile Devices | 5.1 | Medium | 2023-05-04 |

Vulnerabilities classified as CWE-287 (Improper Authentication) represent 1187 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.