19497 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.
The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-2462 | Oracle Commerce 输入验证错误漏洞 — Commerce Service Center | 6.1 | Medium | 2021-07-20 |
| CVE-2021-2457 | Oracle Fusion Middleware安全漏洞 — Identity Manager | 5.3 | Medium | 2021-07-20 |
| CVE-2021-2456 | Oracle Fusion Middleware安全漏洞 — Business Intelligence Enterprise Edition | 9.8 | Critical | 2021-07-20 |
| CVE-2021-2453 | Oracle Fusion Middleware 安全漏洞 — Outside In Technology | 7.5 | High | 2021-07-20 |
| CVE-2021-2452 | Oracle Fusion Middleware 安全漏洞 — Outside In Technology | 7.5 | High | 2021-07-20 |
| CVE-2021-2451 | Oracle Fusion Middleware 安全漏洞 — Outside In Technology | 7.5 | High | 2021-07-20 |
| CVE-2021-2450 | Oracle Fusion Middleware 安全漏洞 — Outside In Technology | 7.5 | High | 2021-07-20 |
| CVE-2021-2449 | Oracle Fusion Middleware 安全漏洞 — Outside In Technology | 7.5 | High | 2021-07-20 |
| CVE-2021-2446 | Oracle Secure Global Desktop输入验证错误漏洞 — Secure Global Desktop | 9.6 | Critical | 2021-07-20 |
| CVE-2021-2439 | Oracle Hyperion 输入验证错误漏洞 — Hyperion BI+ | 4.3 | Medium | 2021-07-20 |
| CVE-2021-2436 | Oracle E-Business Suite 输入验证错误漏洞 — Common Applications | 8.2 | High | 2021-07-20 |
| CVE-2021-2435 | Oracle Essbase 输入验证错误漏洞 — Hyperion Analytic Provider Services | 8.1 | High | 2021-07-20 |
| CVE-2021-2433 | Oracle Essbase 输入验证错误漏洞 — Hyperion Analytic Provider Services | 7.5 | High | 2021-07-20 |
| CVE-2021-2432 | Oracle Java SE 输入验证错误漏洞 — Java SE JDK and JRE | 3.7 | Low | 2021-07-20 |
| CVE-2021-2431 | Oracle Fusion Middleware 安全漏洞 — Outside In Technology | 7.5 | High | 2021-07-20 |
| CVE-2021-2430 | Oracle Fusion Middleware 安全漏洞 — Outside In Technology | 7.5 | High | 2021-07-20 |
| CVE-2021-2429 | Oracle MySQL Server 输入验证错误漏洞 — MySQL Server | 5.9 | Medium | 2021-07-20 |
| CVE-2021-2428 | Oracle Fusion Middleware安全漏洞 — Coherence | 8.1 | High | 2021-07-20 |
| CVE-2021-2423 | Oracle Fusion Middleware 安全漏洞 — Outside In Technology | 7.5 | High | 2021-07-20 |
| CVE-2021-2420 | Oracle Fusion Middleware 输入验证错误漏洞 — Outside In Technology | 7.5 | High | 2021-07-20 |
| CVE-2021-2419 | Oracle Fusion Middleware 输入验证错误漏洞 — Outside In Technology | 7.5 | High | 2021-07-20 |
| CVE-2021-2411 | Oracle MySQL Cluster 输入验证错误漏洞 — MySQL Cluster | 3.7 | Low | 2021-07-20 |
| CVE-2021-2408 | Oracle PeopleSoft Products 安全漏洞 — PeopleSoft Enterprise PT PeopleTools | 6.1 | Medium | 2021-07-20 |
| CVE-2021-2407 | Oracle PeopleSoft Products安全漏洞 — PeopleSoft Enterprise PT PeopleTools | 5.3 | Medium | 2021-07-20 |
| CVE-2021-2404 | Oracle PeopleSoft Products 安全漏洞 — PeopleSoft Enterprise HCM Candidate Gateway | 6.5 | Medium | 2021-07-20 |
| CVE-2021-2403 | Oracle Fusion Middleware安全漏洞 — WebLogic Server | 5.3 | Medium | 2021-07-20 |
| CVE-2021-2401 | Oracle Fusion Middleware 信息泄露漏洞 — BI Publisher (formerly XML Publisher) | 5.3 | Medium | 2021-07-20 |
| CVE-2021-2400 | Oracle Fusion Middleware 安全漏洞 — BI Publisher (formerly XML Publisher) | 7.5 | High | 2021-07-20 |
| CVE-2021-2397 | Oracle Fusion Middleware安全漏洞 — WebLogic Server | 9.8 | Critical | 2021-07-20 |
| CVE-2021-2394 | Oracle Fusion Middleware输入验证错误漏洞 — WebLogic Server | 9.8 | Critical | 2021-07-20 |
Vulnerabilities classified as access:pre-auth represent 19497 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.