Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-287 (认证机制不恰当) — Vulnerability Class 1187

1187 vulnerabilities classified as CWE-287 (认证机制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-32951 Advantech WebAccess/NMS Improper Authentication — WebAccess/NMS 5.3 Medium2021-10-27
CVE-2021-41157 FreeSWITCH does not authenticate SIP SUBSCRIBE requests by default — freeswitch 5.3 Medium2021-10-26
CVE-2021-37624 FreeSWITCH does not authenticate SIP MESSAGE requests, leading to spam and message spoofing — freeswitch 7.5 High2021-10-25
CVE-2021-31349 Session Smart Router: Authentication Bypass Vulnerability — 128 Technology Session Smart Router 9.8 Critical2021-10-19
CVE-2021-41126 Deleted Admin Can Sign In to Admin Interface — october 7.2 High2021-10-06
CVE-2021-25490 SAMSUNG Mobile devices 安全漏洞 — Samsung Mobile Devices 6.0 Medium2021-10-06
CVE-2021-25484 Samsung SMR 授权问题漏洞 — Samsung Mobile Devices 4.0 Medium2021-10-06
CVE-2021-39226 Snapshot authentication bypass in grafana — grafana 9.8 Critical2021-10-05
CVE-2021-31917 Red Hat Infinispan授权问题漏洞 — Red Hat DataGrid and Infinispan 9.8 -2021-09-21
CVE-2021-38412 Digi PortServer TS 16 Improper Authentication — PortServer TS 16 9.6 Critical2021-09-17
CVE-2021-41303 Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass — Apache Shiro 9.8 -2021-09-17
CVE-2021-39215 Authentication Bypass: Forged Tokens Allow Access to Arbitrary Rooms — jitsi-meet 7.5 High2021-09-15
CVE-2021-25466 Samsung Internet 授权问题漏洞 — Samsung Internet 6.5 Medium2021-09-09
CVE-2021-25451 Samsung SMR 授权问题漏洞 — Samsung Mobile Devices 3.3 Low2021-09-09
CVE-2021-28494 Arista Networks MOS 授权问题漏洞 — Metamako Operating System 9.6 Critical2021-09-09
CVE-2021-28493 Arista Networks MOS 授权问题漏洞 — Metamako Operating System 8.4 High2021-09-09
CVE-2021-28495 Arista Networks MOS 授权问题漏洞 — Metamako Operating System 7.2 High2021-09-09
CVE-2021-39196 Authenticated non-privileged user can request unfiltered data without adequate permissions in pcapture — pcapture 7.7 High2021-09-07
CVE-2021-22943 Ubiquiti Networks UniFi Protect 授权问题漏洞 — UniFi Protect application 9.6 -2021-08-31
CVE-2021-34578 WAGO: Authentication Vulnerability in Web-Based Management — PLC 9.8 Critical2021-08-31
CVE-2021-39177 User impersonation due to incorrect handling of the login JWT — Geyser 7.4 High2021-08-30
CVE-2021-39165 Unauthenticated SQL Injection — Cachet 8.1 High2021-08-26
CVE-2021-29487 Authentication bypass in Octobercms — october 7.4 High2021-08-26
CVE-2021-32648 Account Takeover in Octobercms — october 8.2 High2021-08-26
CVE-2021-39138 New anonymous user session acts as if it's created with password — parse-server 4.8 Medium2021-08-18
CVE-2021-3458 Motorola MM1000 授权问题漏洞 — MM1000 MoCA Adapter 6.1 Medium2021-08-17
CVE-2021-24527 Profile Builder < 3.4.9 - Admin Access via Password Reset — User Registration & User Profile – Profile Builder 9.8 -2021-08-16
CVE-2021-3046 PAN-OS: Improper SAML Authentication Vulnerability in GlobalProtect Portal — PAN-OS 6.8 Medium2021-08-11
CVE-2021-37172 SIMATIC S7-1200 授权问题漏洞 — SIMATIC S7-1200 CPU family (incl. SIPLUS variants) 7.5 -2021-08-10
CVE-2021-25445 Samsung Internet 授权问题漏洞 — Samsung Internet 4.3 -2021-08-05

Vulnerabilities classified as CWE-287 (认证机制不恰当) represent 1187 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.