access:pre-auth 类型相关 19065 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2022-26134 | Atlassian Confluence Server 注入漏洞 — Confluence Data Center | 9.8 | - | 2022-06-03 |
| CVE-2022-29084 | 多款Dell产品安全漏洞 — UnityCWE-307 | 8.1 | High | 2022-06-02 |
| CVE-2022-26869 | Dell EMC PowerStore 安全漏洞 — PowerStoreCWE-200 | 9.8 | Critical | 2022-06-02 |
| CVE-2022-22556 | Dell EMC PowerStore 资源管理错误漏洞 — PowerStoreCWE-400 | 3.7 | Low | 2022-06-02 |
| CVE-2022-25163 | 多款Mitsubishi Electric产品输入验证错误漏洞 — Mitsubishi Electric MELSEC-Q Series QJ71E71-100; Mitsubishi Electric MELSEC-L series LJ71E71-100; Mitsubishi Electric MELSEC iQ-R Series RD81MES96N | 9.8 | - | 2022-06-02 |
| CVE-2022-29718 | Caddy 输入验证错误漏洞 — n/a | 6.1 | - | 2022-06-02 |
| CVE-2022-1949 | 389-ds-base 安全漏洞 — 389-ds-base | 7.5 | - | 2022-06-01 |
| CVE-2022-26975 | Barco Control Room 授权问题漏洞 — n/a | 5.3 | - | 2022-06-01 |
| CVE-2022-26971 | Barco Control Room 访问控制错误漏洞 — n/a | 7.5 | - | 2022-06-01 |
| CVE-2022-29875 | 多款Siemens 产品代码问题漏洞 — Biograph Horizon PET/CT SystemsCWE-502 | 9.8 | - | 2022-06-01 |
| CVE-2022-29540 | RESI Gemini-Net 跨站脚本漏洞 — n/a | 6.1 | - | 2022-05-31 |
| CVE-2022-1589 | WordPress plugin Change wp-admin login 安全漏洞 — Change wp-admin login | 7.5 | - | 2022-05-30 |
| CVE-2022-24581 | ACEware Systems ACEweb Online Portal 代码问题漏洞 — n/a | 7.5 | - | 2022-05-27 |
| CVE-2021-27780 | HCL Technologies BigFix Mobile/Modern Client Management 代码问题漏洞 — HCL BigFix Mobile / Modern Client ManagementCWE-112 | 5.3 | Medium | 2022-05-27 |
| CVE-2022-20674 | Cisco Common Services Platform Collector 跨站脚本漏洞 — Cisco Common Services Platform Collector SoftwareCWE-79 | 6.1 | Medium | 2022-05-27 |
| CVE-2022-20673 | Cisco Common Services Platform Collector 跨站脚本漏洞 — Cisco Common Services Platform Collector SoftwareCWE-79 | 6.1 | Medium | 2022-05-27 |
| CVE-2022-20672 | Cisco Common Services Platform Collector 跨站脚本漏洞 — Cisco Common Services Platform Collector SoftwareCWE-79 | 6.1 | Medium | 2022-05-27 |
| CVE-2022-20671 | Cisco Common Services Platform Collector 跨站脚本漏洞 — Cisco Common Services Platform Collector SoftwareCWE-79 | 6.1 | Medium | 2022-05-27 |
| CVE-2022-20670 | Cisco Common Services Platform Collector 跨站脚本漏洞 — Cisco Common Services Platform Collector SoftwareCWE-79 | 6.1 | Medium | 2022-05-27 |
| CVE-2022-20669 | Cisco Common Services Platform Collector 跨站脚本漏洞 — Cisco Common Services Platform Collector SoftwareCWE-79 | 6.1 | Medium | 2022-05-27 |
| CVE-2022-20668 | Cisco Common Services Platform Collector 跨站脚本漏洞 — Cisco Common Services Platform Collector SoftwareCWE-79 | 6.1 | Medium | 2022-05-27 |
| CVE-2022-20667 | Cisco Common Services Platform Collector 跨站脚本漏洞 — Cisco Common Services Platform Collector SoftwareCWE-79 | 6.1 | Medium | 2022-05-27 |
| CVE-2022-20666 | Cisco Common Services Platform Collector 跨站脚本漏洞 — Cisco Common Services Platform Collector SoftwareCWE-79 | 6.1 | Medium | 2022-05-27 |
| CVE-2022-29729 | Verizon 4G LTE Network Extender 安全漏洞 — n/a | 9.1 | - | 2022-05-27 |
| CVE-2022-26724 | Apple TV 授权问题漏洞 — tvOS | 5.5 | - | 2022-05-26 |
| CVE-2022-29091 | 多款DELL产品跨站脚本漏洞 — UnityCWE-79 | 5.3 | Medium | 2022-05-26 |
| CVE-2022-26865 | DELL SupportAssist OS Recovery 授权问题漏洞 — Dell OS Recovery ToolCWE-288 | 6.8 | Medium | 2022-05-26 |
| CVE-2022-24422 | DELL iDRAC9 授权问题漏洞 — Integrated Dell Remote Access Controller 9CWE-287 | 9.6 | Critical | 2022-05-26 |
| CVE-2022-20821 | Cisco IOS XR 信息泄露漏洞 — Cisco IOS XR SoftwareCWE-200 | 6.5 | Medium | 2022-05-26 |
| CVE-2022-26833 | Open Automation Software OAS Platform 访问控制错误漏洞 — OAS PlatformCWE-306 | 9.4 | Critical | 2022-05-25 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 19065 条 CVE 漏洞。