access:pre-auth 类型相关 19065 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | タイトル | CVSS | 深刻度 | 公開日 |
|---|---|---|---|---|
| CVE-2022-21601 | Oracle Communications Billing and Revenue Management 安全漏洞 — Communications Billing and Revenue Management | 6.5 | Medium | 2022-10-18 |
| CVE-2022-21602 | Oracle PeopleSoft Enterprise PeopleTools 安全漏洞 — PeopleSoft Enterprise PT PeopleTools | 5.3 | Medium | 2022-10-18 |
| CVE-2022-21606 | Oracle Database Server 跨站脚本漏洞 — Services for Microsoft Transaction Server | 6.1 | Medium | 2022-10-18 |
| CVE-2022-21613 | Oracle Fusion Middleware 安全漏洞 — Enterprise Data Quality | 8.8 | High | 2022-10-18 |
| CVE-2022-21614 | Oracle Fusion Middleware 安全漏洞 — Enterprise Data Quality | 7.5 | High | 2022-10-18 |
| CVE-2022-21615 | Oracle Fusion Middleware 安全漏洞 — Enterprise Data Quality | 7.4 | High | 2022-10-18 |
| CVE-2022-21618 | Oracle Java SE和Oracle GraalVM 安全漏洞 — Java SE JDK and JRE | 5.3 | Medium | 2022-10-18 |
| CVE-2022-21619 | Oracle Java SE 安全漏洞 — Java SE JDK and JRE | 3.7 | Low | 2022-10-18 |
| CVE-2022-21622 | Oracle Fusion Middleware 安全漏洞 — SOA Suite | 7.5 | High | 2022-10-18 |
| CVE-2022-21623 | Oracle Enterprise Manager Base Platform 安全漏洞 — Enterprise Manager Base Platform | 7.5 | High | 2022-10-18 |
| CVE-2022-21624 | Oracle Java SE和Oracle GraalVM 安全漏洞 — Java SE JDK and JRE | 3.7 | Low | 2022-10-18 |
| CVE-2022-21626 | Oracle Java SE 安全漏洞 — Java SE JDK and JRE | 5.3 | Medium | 2022-10-18 |
| CVE-2022-21628 | Oracle Java SE和Oracle GraalVM 安全漏洞 — Java SE JDK and JRE | 5.3 | Medium | 2022-10-18 |
| CVE-2022-21630 | Oracle JD Edwards Products 安全漏洞 — JD Edwards EnterpriseOne Tools | 6.1 | Medium | 2022-10-18 |
| CVE-2022-21631 | Oracle JD Edwards Products 跨站脚本漏洞 — JD Edwards EnterpriseOne Tools | 6.1 | Medium | 2022-10-18 |
| CVE-2022-21634 | Oracle Java SE和Oracle GraalVM 安全漏洞 — GraalVM Enterprise Edition | 7.5 | High | 2022-10-18 |
| CVE-2022-21639 | Oracle PeopleSoft Enterprise PeopleTools 跨站脚本漏洞 — PeopleSoft Enterprise PT PeopleTools | 6.1 | Medium | 2022-10-18 |
| CVE-2022-3338 | XXE in Trellix ePO server — Trellix ePolicy Orchestrator (ePO)CWE-611 | 5.4 | Medium | 2022-10-18 |
| CVE-2022-3339 | Reflected XSS in Trellix ePO server — Trellix ePolicy Orchestrator (ePO)CWE-79 | 5.4 | Medium | 2022-10-18 |
| CVE-2022-39399 | Oracle Java SE和Oracle GraalVM 安全漏洞 — Java SE JDK and JRE | 3.7 | Low | 2022-10-18 |
| CVE-2022-39402 | Oracle MySQL 安全漏洞 — MySQL Server | 4.3 | Medium | 2022-10-18 |
| CVE-2022-39405 | Oracle Fusion Middleware 安全漏洞 — Access Manager | 5.3 | Medium | 2022-10-18 |
| CVE-2022-39412 | Oracle Fusion Middleware 安全漏洞 — Access Manager | 7.5 | High | 2022-10-18 |
| CVE-2022-39424 | Oracle Virtualization和Oracle VM VirtualBox 安全漏洞 — VM VirtualBox | 8.1 | High | 2022-10-18 |
| CVE-2022-39425 | Oracle Virtualization和Oracle VM VirtualBox 安全漏洞 — VM VirtualBox | 8.1 | High | 2022-10-18 |
| CVE-2022-39426 | Oracle Virtualization和Oracle VM VirtualBox 安全漏洞 — VM VirtualBox | 8.1 | High | 2022-10-18 |
| CVE-2022-39428 | Oracle E-Business Suite 安全漏洞 — Web Applications Desktop Integrator | 9.8 | Critical | 2022-10-18 |
| CVE-2022-40684 | Fortinet FortiOS 授权问题漏洞 — Fortinet FortiOS, FortiProxy, FortiSwitchManager | 9.8 | Critical | 2022-10-18 |
| CVE-2022-2592 | GitLab 输入验证错误漏洞 — GitLab | 6.5 | Medium | 2022-10-17 |
| CVE-2017-20149 | MikroTik RouterOS 缓冲区错误漏洞 — n/a | 9.8 | - | 2022-10-15 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 19065 条 CVE 漏洞。