Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-287 (认证机制不恰当) — Vulnerability Class 1187

1187 vulnerabilities classified as CWE-287 (认证机制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-33242 Improper authentication in Qualcomm IPC — Snapdragon 7.8 High2023-03-07
CVE-2023-0228 Improper authentication vulnerability in S+ Operations — Symphony Plus S+ Operations 8.8 High2023-03-02
CVE-2023-1065 Snyk kubernetes-monitor 授权问题漏洞 — Snyk Kubernetes Monitor 6.5 Medium2023-02-28
CVE-2023-20012 Cisco Nexus 9300-FX3 Series Fabric Extender for UCS Fabric Interconnects Authentication Bypass Vulnerability — Cisco Unified Computing System (Managed) 5.3 Medium2023-02-23
CVE-2015-10083 harrystech Dynosaur-Rails application_controller.rb basic_auth improper authentication — Dynosaur-Rails 6.3 Medium2023-02-21
CVE-2023-0905 SourceCodester Employee Task Management System changePasswordForEmployee.php improper authentication — Employee Task Management System 7.3 High2023-02-18
CVE-2022-47508 Disable NTLM: SAM 2022.4 — Server & Application Monitor (SAM) 7.5 High2023-02-15
CVE-2023-21817 Windows Kerberos Elevation of Privilege Vulnerability — Windows 10 Version 1809 7.8 High2023-02-14
CVE-2023-21721 Microsoft OneNote Elevation of Privilege Vulnerability — Microsoft OneNote for Android 6.5 Medium2023-02-14
CVE-2023-25559 System account impersonation in DataHub — datahub 8.2 High2023-02-10
CVE-2023-21419 SAMSUNG Mobile devices 安全漏洞 — Samsung Mobile Devices 4.3 Medium2023-02-09
CVE-2023-21425 SAMSUNG Mobile devices 授权问题漏洞 — Samsung Mobile Devices 4.3 Medium2023-02-09
CVE-2023-21437 SAMSUNG Mobile devices 授权问题漏洞 — Samsung Mobile Devices 4.0 Medium2023-02-09
CVE-2023-24830 Apache IoTDB Workbench: apache/iotdb-web-workbench: create a user without authorization — Apache IoTDB Workbench 9.8 -2023-01-30
CVE-2022-32514 Schneider Electric C-Bus多款产品 授权问题漏洞 — C-Bus Network Automation Controller, LSS5500NAC 9.8 Critical2023-01-30
CVE-2022-43978 Limited Authentication bypass due to hardcoded secret — Pandora FMS 5.6 Medium2023-01-27
CVE-2023-23612 Issue with whitespace in JWT roles in OpenSearch — security 4.7 Medium2023-01-24
CVE-2023-0311 Improper Authentication in thorsten/phpmyfaq — thorsten/phpmyfaq 8.8 -2023-01-15
CVE-2023-22497 Netdata is vulnerable to improper authentication — netdata 6.5 Medium2023-01-14
CVE-2023-0036 platform_callback_stub in misc subsystem has an authentication bypass vulnerability which allows an "SA relay attack". — OpenHarmony 6.5 Medium2023-01-09
CVE-2023-0035 softbus_client_stub in communication subsystem has an authentication bypass vulnerability which allows an "SA relay attack". — OpenHarmony 6.5 Medium2023-01-09
CVE-2022-1101 SourceCodester Royale Event Management System userregister.php improper authentication — Royale Event Management System 7.3 High2023-01-07
CVE-2014-125060 holdennb CollabCal calenderServer.cpp handleGet improper authentication — CollabCal 7.3 High2023-01-07
CVE-2022-39042 aEnrich a+HRD - Improper Authentication — a+HRD 9.8 Critical2023-01-03
CVE-2022-23554 Authentication bypass in Alpine — alpine 6.5 Medium2022-12-28
CVE-2022-23555 authentik vulnerable to Improper Authentication via invitation URL token reuse — authentik 9.4 Critical2022-12-28
CVE-2022-3156 Rockwell Automation Studio 5000 Logix Emulate Vulnerable to a Remote Code Execution Vulnerability — Studio 5000 Logix Emulate 7.8 High2022-12-27
CVE-2022-35646 IBM Security Verify Governance, Identity Manager security bypass — Security Verify Governance, Identity Manager 5.9 Medium2022-12-22
CVE-2022-46170 CodeIgniter is vulnerable to improper authentication via Session Handlers — CodeIgniter4 8.6 High2022-12-22
CVE-2022-23540 jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify() — node-jsonwebtoken 6.4 Medium2022-12-22

Vulnerabilities classified as CWE-287 (认证机制不恰当) represent 1187 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.