access:pre-auth 类型相关 19070 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2021-41307 | Atlassian Jira 权限许可和访问控制问题漏洞 — Jira Server | 7.5 | - | 2021-10-26 |
| CVE-2017-20007 | Ingeteam Ingepac Da Au 信息泄露漏洞 — INGEPAC DA AUCWE-200 | 5.3 | Medium | 2021-10-25 |
| CVE-2021-24884 | WordPress 跨站脚本漏洞 — Formidable Form Builder – Contact Form, Survey & Quiz Forms Plugin for WordPressCWE-79 | 8.2 | - | 2021-10-25 |
| CVE-2021-24779 | WordPress 访问控制错误漏洞 — WP DebuggingCWE-862 | 6.5 | - | 2021-10-25 |
| CVE-2021-40865 | Apache Storm 代码问题漏洞 — Apache StormCWE-502 | 9.8 | - | 2021-10-25 |
| CVE-2021-42258 | BEQ BillQuick Web Suite SQL注入漏洞 — n/a | 9.8 | - | 2021-10-22 |
| CVE-2020-23058 | Nong Ge File Explorer 授权问题漏洞 — n/a | 7.5 | - | 2021-10-22 |
| CVE-2021-34736 | Cisco Integrated Management Controller 输入验证错误漏洞 — Cisco Unified Computing System (Managed)CWE-20 | 5.3 | Medium | 2021-10-21 |
| CVE-2021-40122 | Cisco Meeting Server资源管理错误漏洞 — Cisco Meeting ServerCWE-399 | 5.9 | Medium | 2021-10-21 |
| CVE-2021-34743 | Cisco Webex 跨站请求伪造漏洞 — Cisco Webex MeetingsCWE-352 | 4.3 | Medium | 2021-10-21 |
| CVE-2021-25969 | Camaleon CMS 跨站脚本漏洞 — camaleon_cmsCWE-79 | 6.1 | Medium | 2021-10-20 |
| CVE-2021-35666 | Oracle HTTP Server 输入验证错误漏洞 — HTTP Server | 5.9 | Medium | 2021-10-20 |
| CVE-2021-35665 | Oracle Hyperion 安全漏洞 — Hyperion Financial Reporting | 6.1 | Medium | 2021-10-20 |
| CVE-2021-35662 | Oracle Outside In Technology 输入验证错误漏洞 — Outside In Technology | 7.5 | High | 2021-10-20 |
| CVE-2021-35661 | Oracle Fusion Middleware和Oracle Outside In Technology 输入验证错误漏洞 — Outside In Technology | 7.5 | High | 2021-10-20 |
| CVE-2021-35660 | Oracle Outside In Technology 输入验证错误漏洞 — Outside In Technology | 7.5 | High | 2021-10-20 |
| CVE-2021-35659 | Oracle Outside In Technology 输入验证错误漏洞 — Outside In Technology | 7.5 | High | 2021-10-20 |
| CVE-2021-35658 | Oracle Outside In Technology 输入验证错误漏洞 — Outside In Technology | 7.5 | High | 2021-10-20 |
| CVE-2021-35657 | Oracle Outside In Technology 输入验证错误漏洞 — Outside In Technology | 7.5 | High | 2021-10-20 |
| CVE-2021-35655 | Oracle Essbase 安全漏洞 — Hyperion Essbase Administration Services | 5.3 | Medium | 2021-10-20 |
| CVE-2021-35656 | Oracle Outside In Technology 输入验证错误漏洞 — Outside In Technology | 7.5 | High | 2021-10-20 |
| CVE-2021-35654 | Oracle Essbase 安全漏洞 — Hyperion Essbase Administration Services | 7.5 | High | 2021-10-20 |
| CVE-2021-35652 | Oracle Essbase 安全漏洞 — Hyperion Essbase Administration Services | 10.0 | Critical | 2021-10-20 |
| CVE-2021-35620 | Oracle Fusion Middleware和Oracle WebLogic Server 输入验证错误漏洞 — WebLogic Server | 7.5 | High | 2021-10-20 |
| CVE-2021-35617 | Oracle Fusion Middleware和Oracle WebLogic Server 输入验证错误漏洞 — WebLogic Server | 9.8 | Critical | 2021-10-20 |
| CVE-2021-35613 | Oracle MySQL 输入验证错误漏洞 — MySQL Cluster | 3.7 | Low | 2021-10-20 |
| CVE-2021-35603 | Oracle Java SE 输入验证错误漏洞 — Java SE JDK and JRE | 3.7 | Low | 2021-10-20 |
| CVE-2021-35595 | Oracle PeopleSoft Enterprise PeopleTools 安全漏洞 — PeopleSoft Enterprise PT PeopleTools | 6.1 | Medium | 2021-10-20 |
| CVE-2021-35588 | Oracle Java SE 输入验证错误漏洞 — Java SE JDK and JRE | 3.1 | Low | 2021-10-20 |
| CVE-2021-35586 | Oracle Java SE 输入验证错误漏洞 — Java SE JDK and JRE | 5.3 | Medium | 2021-10-20 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 19070 条 CVE 漏洞。