access:pre-auth 类型相关 19042 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2021-1140 | Cisco Smart Software Manager 操作系统命令注入漏洞 — Cisco Smart Software Manager On-PremCWE-20 | 9.8 | Critical | 2021-01-20 |
| CVE-2021-1141 | Cisco Smart Software Manager 操作系统命令注入漏洞 — Cisco Smart Software Manager On-PremCWE-20 | 9.8 | Critical | 2021-01-20 |
| CVE-2021-1142 | Cisco Smart Software Manager 操作系统命令注入漏洞 — Cisco Smart Software Manager On-PremCWE-20 | 9.8 | Critical | 2021-01-20 |
| CVE-2021-1225 | Cisco SD-WAN vManage Software SQL注入漏洞 — Cisco SD-WAN vManageCWE-89 | 9.1 | - | 2021-01-20 |
| CVE-2021-1241 | Cisco SD-WAN products 缓冲区错误漏洞 — Cisco SD-WAN SolutionCWE-119 | 8.6 | High | 2021-01-20 |
| CVE-2021-1312 | Cisco Elastic Services Controller 资源管理错误漏洞 — Cisco Elastic Services ControllerCWE-400 | 5.3 | Medium | 2021-01-20 |
| CVE-2021-1350 | Cisco Umbrella 安全漏洞 — Cisco Umbrella Insights Virtual ApplianceCWE-770 | 5.3 | Medium | 2021-01-20 |
| CVE-2021-1353 | Cisco StarOS 安全漏洞 — Cisco ASR 5000 Series SoftwareCWE-401 | 5.8 | Medium | 2021-01-20 |
| CVE-2021-1257 | Cisco DNA Center Software 跨站请求伪造漏洞 — Cisco Digital Network Architecture Center (DNA Center)CWE-352 | 8.8 | - | 2021-01-20 |
| CVE-2021-1273 | Cisco SD-WAN 缓冲区错误漏洞 — Cisco SD-WAN SolutionCWE-119 | 8.6 | High | 2021-01-20 |
| CVE-2021-1272 | Cisco Data Center Network Manager 代码问题漏洞 — Cisco Data Center Network ManagerCWE-918 | 8.8 | High | 2021-01-20 |
| CVE-2021-1274 | Cisco SD-WAN 代码问题漏洞 — Cisco SD-WAN SolutionCWE-119 | 8.6 | High | 2021-01-20 |
| CVE-2021-1278 | Cisco SD-WAN products 缓冲区错误漏洞 — Cisco SD-WAN SolutionCWE-119 | 8.6 | High | 2021-01-20 |
| CVE-2021-1279 | Cisco SD-WAN 输入验证错误漏洞 — Cisco SD-WAN SolutionCWE-119 | 8.6 | High | 2021-01-20 |
| CVE-2021-1300 | 多款 Cisco SD-WAN 产品缓冲区错误漏洞 — Cisco SD-WAN SolutionCWE-119 | 9.8 | - | 2021-01-20 |
| CVE-2021-1301 | Cisco SD-WAN 输入验证错误漏洞 — Cisco SD-WAN SolutionCWE-119 | 9.8 | - | 2021-01-20 |
| CVE-2021-1129 | 多款Cisco产品授权问题漏洞 — Cisco Web Security Appliance (WSA)CWE-201 | 5.3 | Medium | 2021-01-20 |
| CVE-2021-2114 | Oracle E-Business Suite 授权问题漏洞 — Common Applications Calendar | 8.2 | High | 2021-01-20 |
| CVE-2021-2118 | Oracle E-Business Suite和Oracle Marketing 授权问题漏洞 — Marketing | 8.2 | High | 2021-01-20 |
| CVE-2021-2102 | Oracle Dialog Box 安全漏洞 — Complex Maintenance, Repair, and Overhaul | 8.2 | High | 2021-01-20 |
| CVE-2021-2103 | Oracle Dialog Box 安全漏洞 — Complex Maintenance, Repair, and Overhaul | 8.2 | High | 2021-01-20 |
| CVE-2021-2104 | Oracle Supply Chain 安全漏洞 — Complex Maintenance, Repair, and Overhaul | 8.2 | High | 2021-01-20 |
| CVE-2021-2105 | Oracle E-Business Suite 产品授权问题漏洞 — Customer Interaction History | 8.2 | High | 2021-01-20 |
| CVE-2021-2106 | Oracle E-Business Suite 安全漏洞 — Customer Interaction History | 8.2 | High | 2021-01-20 |
| CVE-2021-2107 | Oracle E-Business Suite 授权问题漏洞 — Customer Interaction History | 8.2 | High | 2021-01-20 |
| CVE-2021-2108 | Oracle Fusion Middleware 组件授权问题漏洞 — WebLogic Server | 9.8 | Critical | 2021-01-20 |
| CVE-2021-2092 | Oracle E-Business Suite 安全漏洞 — CRM Technical Foundation | 8.2 | High | 2021-01-20 |
| CVE-2021-2093 | Oracle E-Business Suite 安全漏洞 — Common Applications | 8.2 | High | 2021-01-20 |
| CVE-2021-2094 | Oracle E-Business Suite 授权问题漏洞 — One-to-One Fulfillment | 8.2 | High | 2021-01-20 |
| CVE-2021-2096 | Oracle E-Business Suite 组件安全漏洞 — iStore | 8.2 | High | 2021-01-20 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 19042 条 CVE 漏洞。