Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-287 (认证机制不恰当) — Vulnerability Class 1187

1187 vulnerabilities classified as CWE-287 (认证机制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-28174 Mitake Smart Stock Selection System - Broken Authentication — Mitake Smart Stock Selection System 6.5 Medium2021-04-08
CVE-2021-24175 The Plus Addons for Elementor Page Builder < 4.1.7 - Authentication Bypass — The Plus Addons for Elementor Page Builder 9.8 -2021-04-05
CVE-2021-25368 Samsung Cloud 授权问题漏洞 — Samsung Cloud 3.3 Low2021-03-25
CVE-2021-24148 MStore API < 3.2.0 - Authentication Bypass With Sign In With Apple — MStore API 7.5 -2021-03-18
CVE-2021-21378 JWT authentication bypass with unknown issuer token — envoy 8.2 High2021-03-11
CVE-2020-27838 Red Hat Keycloak 授权问题漏洞 — keycloak 4.3 -2021-03-08
CVE-2021-21335 Basic Authentication can be bypassed using a malformed username — spnego-http-auth-nginx-module 5.3 Medium2021-03-08
CVE-2021-21329 Multi Factor Authentication Token Improperly Validated On User Login — core 8.7 High2021-03-08
CVE-2020-5148 SonicWall SSO-agent 授权问题漏洞 — Directory Services Connector 9.8 -2021-03-05
CVE-2021-25347 Samsung Email application 授权问题漏洞 — Samsung Mobile Devices 5.3 Medium2021-03-04
CVE-2021-25343 Samsung mobile devices 授权问题漏洞 — Samsung Members 4.0 Medium2021-03-04
CVE-2021-25342 Samsung mobile devices 授权问题漏洞 — SMP sdk 4.0 Medium2021-03-04
CVE-2021-25341 S Assistant 授权问题漏洞 — S Assistant 4.0 Medium2021-03-04
CVE-2021-25315 salt-api unauthenticated remote code execution — SUSE Linux Enterprise Server 15 SP 3 9.8 Critical2021-03-03
CVE-2021-21513 Dell EMC OpenManage Server Administrator 授权问题漏洞 — Dell Open Manage Server Administrator 8.6 High2021-03-02
CVE-2021-21308 Improper session management for soft logout — PrestaShop 6.1 Medium2021-02-26
CVE-2021-22858 ChanGate EnterPrise Co., Ltd property management system - Broken Authentication — property management system 8.8 High2021-02-17
CVE-2021-25910 ZIV AUTOMATION 4CCT vulnerable to improper authentication — 4CCT-EA6-334126BF 8.0 High2021-01-29
CVE-2021-26117 ActiveMQ: LDAP-Authentication does not verify passwords on servers with anonymous bind — Apache ActiveMQ 7.5 -2021-01-27
CVE-2020-24675 Weak Authentication in Symphony Plus — ABB Ability™ Symphony® Plus Operations 9.8 Critical2020-12-22
CVE-2020-27254 X-STREAM enhanced XEGP 授权问题漏洞 — Emerson Rosemount X-STREAM Gas Analyzer 7.5 -2020-12-21
CVE-2020-27780 Linux-pam 授权问题漏洞 — pam 9.8 -2020-12-17
CVE-2020-16102 Gallagher Group Command Centre 访问控制错误漏洞 — Command Centre 7.1 High2020-12-14
CVE-2020-25183 Medtronic MyCareLink Smart Improper Authentication — Smart Model 25000 Patient Reader 8.0 High2020-12-14
CVE-2020-7533 多款 Schneider Electric 产品信任管理问题漏洞 — Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see security notification for version information) 9.8 -2020-12-01
CVE-2020-1778 Bypassing user account validation — OTRS 4.1 Medium2020-11-23
CVE-2020-26236 Verification Code Hijacking in ScratchVerifier — ScratchVerifier 7.5 High2020-11-20
CVE-2020-8272 Citrix Systems SD-WAN Center 授权问题漏洞 — Citrix SD-WAN Center 7.5 -2020-11-16
CVE-2020-25165 BD Alaris PC Unit和BD Alaris Systems Manager 授权问题漏洞 — BD Alaris PC Unit and BD Alaris Systems Manager 7.5 -2020-11-13
CVE-2020-26214 LDAP authentication bypass in Alerta — alerta 9.1 Critical2020-11-06

Vulnerabilities classified as CWE-287 (认证机制不恰当) represent 1187 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.