目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1310

100%
请我们喝杯咖啡

CWE-306 关键功能的认证机制缺失 类漏洞列表 1168

CWE-306 关键功能的认证机制缺失 类弱点 1168 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-306指关键功能缺乏身份验证,属于访问控制缺陷。攻击者可直接调用需高权限或消耗大量资源的功能,无需提供凭证,从而实施未授权操作或资源耗尽攻击。开发者应确保所有敏感操作强制实施身份验证机制,严格校验用户身份,防止未认证请求访问关键业务逻辑,保障系统安全。

MITRE CWE 官方描述
CWE:CWE-306 关键功能缺少身份验证 (Missing Authentication for Critical Function) 英文:该产品对于需要可证明的用户身份或消耗大量资源的功能,未执行任何身份验证 (authentication)。
常见影响 (1)
Access Control, OtherGain Privileges or Assume Identity, Varies by Context
Exposing critical functionality essentially provides an attacker with the privilege level of that functionality. The consequences will depend on the associated functionality, but they can range from reading or modifying sensitive data, accessing administrative or other privileged functionality, or p…
缓解措施 (5)
Architecture and DesignDivide the software into anonymous, normal, privileged, and administrative areas. Identify which of these areas require a proven user identity, and use a centralized authentication capability. Identify all potential communication channels, or other means of interaction with the software, to ensure that all channels are appropriately protected, including those channels that are assumed to be access…
Architecture and DesignFor any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.
Architecture and DesignWhere possible, avoid implementing custom, "grow-your-own" authentication routines and consider using authentication capabilities as provided by the surrounding framework, operating system, or environment. These capabilities may avoid common weaknesses that are unique to authentication; support automatic auditing and tracking; and make it easier to provide a clear separation between authentication…
Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid. For example, consider using libraries with authentication capabilities such as OpenSSL or the ESAPI Authenticator [REF-45].
Implementation, System Configuration, OperationWhen storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to require strong authentication for users who should be allowed to access the data [REF-1297] [REF-1298] [REF-1302].
代码示例 (2)
In the following Java example the method createBankAccount is used to create a BankAccount object for a bank management application.
public BankAccount createBankAccount(String accountNumber, String accountType, String accountName, String accountSSN, double balance) { BankAccount account = new BankAccount(); account.setAccountNumber(accountNumber); account.setAccountType(accountType); account.setAccountOwnerName(accountName); account.setAccountOwnerSSN(accountSSN); account.setBalance(balance); return account; }
Bad · Java
private boolean isUserAuthentic = false; // authenticate user, // if user is authenticated then set variable to true // otherwise set variable to false public boolean authenticateUser(String username, String password) { ... } public BankAccount createNewBankAccount(String accountNumber, String accountType, String accountName, String accountSSN, double balance) { BankAccount account = null; if (isUserAuthentic) { account = new BankAccount(); account.setAccountNumber(accountNumber); account.setAccountType(accountType); account.setAccountOwnerName(accountName); account.setAccountOwnerSSN(accountS
Good · Java
In 2022, the OT:ICEFALL study examined products by 10 different Operational Technology (OT) vendors. The researchers reported 56 vulnerabilities and said that the products were "insecure by design" [REF-1283]. If exploited, these vulnerabilities often allowed adversaries to change how the products operated, ranging from denial of service to changing the code that the products executed. Since these…
CVE ID标题CVSS风险等级Published
CVE-2018-10603 Martem GW6和GWM 授权问题漏洞 — TELEM GW6 9.8 -2018-07-31
CVE-2017-2637 Red Hat OpenStack 权限许可和访问控制问题漏洞 — rhosp-director 10.0 -2018-07-26
CVE-2017-3217 CalAmp LMU-3030 安全漏洞 — LMU 3030 OBD-II 8.1 -2018-07-24
CVE-2018-0374 Cisco Policy Suite 安全漏洞 — Cisco Policy Suite unknown 9.1 -2018-07-18
CVE-2018-0376 Cisco Policy Suite 安全漏洞 — Cisco Policy Suite unknown 7.5 -2018-07-18
CVE-2018-0377 Cisco Policy Suite 安全漏洞 — Cisco Policy Suite unknown 9.1 -2018-07-18
CVE-2017-2638 infinispan 安全漏洞 — infinispan 8.2 -2018-07-16
CVE-2016-6544 iTrack Easy 授权问题漏洞 — Easy 7.5 -2018-07-13
CVE-2016-6549 Zizai Tech Nut 授权问题漏洞 — Tech Nut 4.3 -2018-07-13
CVE-2016-9496 多款Hughes satellite调制解调器安全漏洞 — HN7740S 6.5 -2018-07-13
CVE-2018-10635 Universal Robots Robot Controllers 安全漏洞 — Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 9.8 -2018-07-11
CVE-2016-6540 TrackR Bravo 信息泄露漏洞 — Bravo Mobile Application 8.1 -2018-07-06
CVE-2016-6541 TrackR Bravo 授权问题漏洞 — Bravo Mobile Application 8.8 -2018-07-06
CVE-2018-4853 Siemens SICLOCK TC100和SICLOCK TC400 安全漏洞 — SICLOCK TC100, SICLOCK TC400 7.5 -2018-07-03
CVE-2018-4854 Siemens SICLOCK TC100和SICLOCK TC400 安全漏洞 — SICLOCK TC100, SICLOCK TC400 8.8 -2018-07-03
CVE-2011-4190 kdump 安全漏洞 — kdump 5.3 -2018-06-08
CVE-2018-4840 多款Siemens产品访问控制错误漏洞 — DIGSI 4 7.5 -2018-03-08
CVE-2018-1164 ZyXEL P-870H-51 DSL Router 安全漏洞 — ZyXEL P-870H-51 DSL Router 9.8 -2018-02-21
CVE-2018-4834 Siemens Desigo PXC Series 代码问题漏洞 — Desigo PXC00-E.D V4.10 9.8 Critical2018-01-24
CVE-2017-3184 多款ACTi产品安全漏洞 — ACTi D, B, I, and E series cameras 9.8 -2017-12-15
CVE-2017-13997 Schneider Electric InduSoft Web Studio和InTouch Machine Edition 安全漏洞 — Schneider Electric InduSoft Web Studio, InTouch Machine Edition 9.8 -2017-10-02
CVE-2017-12733 多款OPW产品安全漏洞 — OPW Fuel Management Systems SiteSentinel Integra and SiteSentinel iSite 9.8 -2017-09-09
CVE-2017-6872 Siemens OZW672和OZW772 安全漏洞 — OZW672, OZW772 6.5 -2017-08-08
CVE-2017-6873 Siemens OZW672和OZW772 安全漏洞 — OZW672, OZW772 7.4 -2017-08-08
CVE-2017-3216 多款WiMAX路由器安全漏洞 — BM2022 9.8 -2017-06-20
CVE-2016-10364 Elasticsearch Kibana 安全漏洞 — Elastic X-Pack Security 4.3 -2017-06-16
CVE-2014-9197 Schneider Electric ETG3000 FactoryCast HMI Gateway 权限许可和访问控制漏洞 — ETG3000 FactoryCast HMI Gateway 5.3 -2015-01-27
CVE-2014-9195 Phoenix Contact ProConOs和MultiProg 权限许可和访问控制漏洞 — ProConOs 9.8 -2015-01-17

CWE-306(关键功能的认证机制缺失) 是常见的弱点类别,本平台收录该类弱点关联的 1168 条 CVE 漏洞。