CWE-290 使用欺骗进行的认证绕过 类弱点 237 条 CVE 漏洞汇总,含 AI 中文分析。
| CVE ID | 标题 | CVSS | 风险等级 | 发布日期 |
|---|---|---|---|---|
| CVE-2021-41130 | Extensible Service Proxy 安全漏洞 — esp | 6.4 | Medium | 2021-10-07 |
| CVE-2021-34646 | Wordpress plugin Booster for WooCommerce 安全特征问题漏洞 — Booster for WooCommcerce | 9.8 | Critical | 2021-08-30 |
| CVE-2021-32076 | SolarWinds Web Help Desk 安全漏洞 — Web Help Desk | 5.3 | Medium | 2021-08-26 |
| CVE-2021-32631 | Common 安全漏洞 — common | 6.5 | Medium | 2021-07-26 |
| CVE-2020-7388 | Sage Group Sage X3 安全漏洞 — X3 | 10.0 | Critical | 2021-07-22 |
| CVE-2021-22779 | Schneider Electric EcoStruxure Control Expert 安全漏洞 — EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*) | 9.1 | - | 2021-07-14 |
| CVE-2021-28810 | Roon 安全漏洞 — Roon Server | 7.5 | High | 2021-06-08 |
| CVE-2021-20278 | Kiali 授权问题漏洞 — kiali | 9.8 | - | 2021-05-28 |
| CVE-2020-13529 | systemd 安全漏洞 — Systemd | 6.1 | - | 2021-05-10 |
| CVE-2021-29441 | Nacos 安全漏洞 — nacos | 8.6 | High | 2021-04-27 |
| CVE-2021-21492 | SAP NetWeaver Application Server Java 安全漏洞 — SAP NetWeaver AS for JAVA (HTTP Service) | 5.3 | - | 2021-04-13 |
| CVE-2021-21310 | NextAuth.js 安全漏洞 — next-auth | 6.1 | Medium | 2021-02-11 |
| CVE-2020-17516 | Apache Cassandra 安全漏洞 — Apache Cassandra | 7.5 | - | 2021-02-03 |
| CVE-2020-27276 | 多款Sooil产品授权问题漏洞 — SOOIL Developments CoLtd DiabecareRS,AnyDana-i,AnyDana-A | 5.7 | - | 2021-01-19 |
| CVE-2020-26276 | Fleet 授权问题漏洞 — fleet | 10.0 | Critical | 2020-12-17 |
| CVE-2020-26254 | omniautho-apple 安全漏洞 — omniauth-apple | 7.7 | High | 2020-12-08 |
| CVE-2020-7327 | McAfee MVISION Endpoint Detection 和 Response Client (MVEDR) 安全特征问题漏洞 — McAfee MVISION Endpoint Detection and Response | 6.0 | Medium | 2020-10-15 |
| CVE-2020-7326 | McAfee Active Response 安全特征问题漏洞 — McAfee Active Response | 6.0 | Medium | 2020-10-15 |
| CVE-2020-5415 | Pivotal Software Concourse 安全漏洞 — Concourse | 9.6 | - | 2020-08-12 |
| CVE-2020-2033 | Palo Alto Networks GlobalProtect 信任管理问题漏洞 — GlobalProtect App | 5.3 | Medium | 2020-06-10 |
| CVE-2020-10136 | Cisco NX-OS Software 代码问题漏洞 — RFC2003 - IP Encapsulation within IP | 8.2 | - | 2020-06-02 |
| CVE-2020-2002 | Palo Alto Networks PAN-OS 安全漏洞 — PAN-OS | 8.1 | High | 2020-05-13 |
| CVE-2019-18259 | Omron PLC CJ series和CS series 安全漏洞 — Omron PLC CJ and CS Series | 9.8 | - | 2019-12-16 |
| CVE-2019-3884 | Red Hat OpenShift 授权问题漏洞 — atomic-openshift | 5.4 | - | 2019-08-01 |
| CVE-2019-3775 | Cloud Foundry UAA 授权问题漏洞 — UAA Release (OSS) | 8.1 | - | 2019-03-07 |
| CVE-2018-15715 | Zoom Client 安全漏洞 — Zoom | 9.8 | - | 2018-11-30 |
| CVE-2017-14003 | LAVA Ether-Serial Link 授权问题漏洞 — LAVA Computer MFG Inc. Ether-Serial Link | 9.8 | - | 2017-10-11 |
CWE-290(使用欺骗进行的认证绕过) 是常见的弱点类别,本平台收录该类弱点关联的 237 条 CVE 漏洞。