access:pre-auth 类型相关 19070 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2021-2371 | Oracle Fusion Middleware安全漏洞 — Coherence | 7.5 | High | 2021-07-20 |
| CVE-2021-2368 | Oracle Siebel CRM安全漏洞 — Siebel Core - Server Framework | 5.9 | Medium | 2021-07-20 |
| CVE-2021-2359 | Oracle E-Business Suite输入验证错误漏洞 — Marketing | 8.2 | High | 2021-07-20 |
| CVE-2021-2355 | Oracle E-Business Suite输入验证错误漏洞 — Marketing | 9.1 | Critical | 2021-07-20 |
| CVE-2021-2351 | Oracle Database Server 授权问题漏洞 — WebLogic Server | 8.3 | High | 2021-07-20 |
| CVE-2021-2350 | Oracle Essbase 输入验证错误漏洞 — Hyperion Essbase Administration Services | 7.5 | High | 2021-07-20 |
| CVE-2021-2349 | Oracle Hyperion 输入验证错误漏洞 — Hyperion Essbase Administration Services | 8.6 | High | 2021-07-20 |
| CVE-2021-2344 | Oracle Coherence安全漏洞 — Coherence | 7.5 | High | 2021-07-20 |
| CVE-2021-2341 | Oracle Java SE 输入验证错误漏洞 — Java SE JDK and JRE | 3.1 | Low | 2021-07-20 |
| CVE-2021-2338 | Oracle Siebel CRM 安全漏洞 — Siebel Apps - Marketing | 6.1 | Medium | 2021-07-20 |
| CVE-2021-2323 | Oracle Financial Services Applications安全漏洞 — FLEXCUBE Universal Banking | 5.9 | Medium | 2021-07-20 |
| CVE-2020-25205 | Mimosa B5 跨站脚本漏洞 — n/a | 6.1 | - | 2021-07-20 |
| CVE-2021-2369 | Oracle Java SE 输入验证错误漏洞 — Java SE JDK and JRE | 4.3 | Medium | 2021-07-20 |
| CVE-2020-5349 | Dell EMC Networking S4100 和 S5200 信任管理问题漏洞 — NetworkingCWE-798 | 9.8 | Critical | 2021-07-19 |
| CVE-2021-34821 | Novus Management System 跨站脚本漏洞 — n/a | 6.1 | - | 2021-07-19 |
| CVE-2021-34820 | NOVUS Novus Management System 路径遍历漏洞 — n/a | 7.5 | - | 2021-07-19 |
| CVE-2021-35963 | LearningDigital Orca HCM digital learning platform 代码问题漏洞 — Orca HCMCWE-434 | 9.8 | Critical | 2021-07-19 |
| CVE-2019-3752 | Dell EMC Avamar Server和EMC Integrated Data Protection Appliance 代码问题漏洞 — AvamarCWE-611 | 8.2 | - | 2021-07-16 |
| CVE-2021-1422 | 多款Cisco产品处理逻辑错误漏洞 — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-617 | 7.7 | High | 2021-07-16 |
| CVE-2021-0291 | Juniper Networks Junos OS 信息泄露漏洞 — Junos OSCWE-497 | 6.5 | Medium | 2021-07-15 |
| CVE-2021-21587 | Dell Wyse Management Suite 信息泄露漏洞 — Wyse Management SuiteCWE-200 | 5.3 | Medium | 2021-07-15 |
| CVE-2021-34691 | IDrive 安全漏洞 — n/a | 7.5 | - | 2021-07-15 |
| CVE-2021-34690 | IDrive 授权问题漏洞 — n/a | 9.8 | - | 2021-07-15 |
| CVE-2019-11098 | EDKII MdeModulePkg 输入验证错误漏洞 — Tianocore | 6.8 | - | 2021-07-14 |
| CVE-2021-36124 | ShareCare SQL注入漏洞 — n/a | 9.8 | - | 2021-07-13 |
| CVE-2021-33578 | ShareCare SQL注入漏洞 — n/a | 9.8 | - | 2021-07-13 |
| CVE-2021-31895 | Siemens RUGGEDCOM安全漏洞 — RUGGEDCOM i800CWE-120 | 8.1 | High | 2021-07-13 |
| CVE-2020-28400 | Siemens SCALANCE S602安全漏洞 — Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet ControllerCWE-770 | 7.5 | High | 2021-07-13 |
| CVE-2021-20595 | Mitsubishi Electric Air Conditioning Systems 代码问题漏洞 — Air Conditioning System/Centralized Controllers G-50A; GB-50A; GB-24A; AG-150A-A; AG-150A-J; GB-50ADA-A; GB-50ADA-J; EB-50GU-A; EB-50GU-J; AE-200A; AE-200E; AE-50A; AE-50E; EW-50A; EW-50E; TE-200A; TE-50A; TW-50A; CMS-RMD-J; Air Conditioning System/Expansion Controllers PAC-YG50ECA; Air Conditioning System/BM adapter BAC-HD150 | 8.2 | - | 2021-07-13 |
| CVE-2021-24442 | WordPress 插件 SQL注入漏洞 — Poll, Survey, Questionnaire and Voting systemCWE-89 | 9.8 | - | 2021-07-12 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 19070 条 CVE 漏洞。