Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2008-3425

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-31 Jul, 2008 | 22:00
Updated At-07 Aug, 2024 | 09:37
Rejected At-
Credits

Unspecified vulnerability in the Sun Java System Web Server 7.0 plugin in Sun N1 Service Provisioning System (SPS) 5.2 and 6.0 allows remote authenticated SPS users to gain administrative access to the web server via unknown attack vectors.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:31 Jul, 2008 | 22:00
Updated At:07 Aug, 2024 | 09:37
Rejected At:
▼CVE Numbering Authority (CNA)

Unspecified vulnerability in the Sun Java System Web Server 7.0 plugin in Sun N1 Service Provisioning System (SPS) 5.2 and 6.0 allows remote authenticated SPS users to gain administrative access to the web server via unknown attack vectors.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239566-1
vendor-advisory
x_refsource_SUNALERT
http://secunia.com/advisories/31301
third-party-advisory
x_refsource_SECUNIA
http://www.securitytracker.com/id?1020608
vdb-entry
x_refsource_SECTRACK
http://www.vupen.com/english/advisories/2008/2261/references
vdb-entry
x_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/44114
vdb-entry
x_refsource_XF
http://www.securityfocus.com/bid/30451
vdb-entry
x_refsource_BID
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-239566-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://secunia.com/advisories/31301
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securitytracker.com/id?1020608
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.vupen.com/english/advisories/2008/2261/references
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/44114
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.securityfocus.com/bid/30451
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239566-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://secunia.com/advisories/31301
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securitytracker.com/id?1020608
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.vupen.com/english/advisories/2008/2261/references
vdb-entry
x_refsource_VUPEN
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/44114
vdb-entry
x_refsource_XF
x_transferred
http://www.securityfocus.com/bid/30451
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-239566-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://secunia.com/advisories/31301
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securitytracker.com/id?1020608
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/2261/references
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/44114
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.securityfocus.com/bid/30451
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:31 Jul, 2008 | 22:41
Updated At:08 Aug, 2017 | 01:31

Unspecified vulnerability in the Sun Java System Web Server 7.0 plugin in Sun N1 Service Provisioning System (SPS) 5.2 and 6.0 allows remote authenticated SPS users to gain administrative access to the web server via unknown attack vectors.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.5MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 6.5
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P
CPE Matches

Sun Microsystems (Oracle Corporation)
sun
>>java_system_web_server_plugin>>7.0
cpe:2.3:a:sun:java_system_web_server_plugin:7.0:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>n1_service_provisioning_system>>5.2
cpe:2.3:a:sun:n1_service_provisioning_system:5.2:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>n1_service_provisioning_system>>6.0
cpe:2.3:a:sun:n1_service_provisioning_system:6.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Primarynvd@nist.gov
CWE ID: CWE-287
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://secunia.com/advisories/31301cve@mitre.org
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239566-1cve@mitre.org
N/A
http://www.securityfocus.com/bid/30451cve@mitre.org
N/A
http://www.securitytracker.com/id?1020608cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2008/2261/referencescve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/44114cve@mitre.org
N/A
Hyperlink: http://secunia.com/advisories/31301
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-239566-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/30451
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1020608
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2008/2261/references
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/44114
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

95Records found

CVE-2019-15299
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.06% / 18.93%
||
7 Day CHG~0.00%
Published-24 Feb, 2020 | 12:55
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Centreon Web through 19.04.3. When a user changes his password on his profile page, the contact_autologin_key field in the database becomes blank when it should be NULL. This makes it possible to partially bypass authentication.

Action-Not Available
Vendor-n/aCENTREON
Product-centreon_webn/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-7943
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-8.8||HIGH
EPSS-0.28% / 50.70%
||
7 Day CHG~0.00%
Published-05 Jun, 2018 | 15:00
Updated-17 Sep, 2024 | 02:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ch242_v5_firmwarech242_v52288h_v5ch121l_v5_firmwarerh1288_v3xh620_v31288h_v5ch121l_v3_firmwarech121_v52488_v5ch140l_v3_firmwarech121_v3ch222_v3ch121l_v3ch222_v3_firmwarexh310_v3_firmwarech140_v3_firmwarech140_v3xh321_v5_firmwarexh321_v5ch220_v3_firmwarech140l_v3rh2288_v3_firmwarexh321_v3_firmware1288h_v5_firmwarerh2288h_v3_firmwarexh620_v3_firmwarech121_v3_firmwarerh1288_v3_firmwarech121l_v5rh2288h_v32288h_v5_firmwarexh310_v3rh2288_v32488_v5_firmwarexh321_v3ch121_v5_firmwarech220_v3ch242_v3ch242_v3_firmware1288H V5; 2288H V5; 2488 V5 ; CH121 V3; CH121L V3; CH121L V5 ; CH121 V5 ; CH140 V3; CH140L V3; CH220 V3; CH222 V3; CH242 V3; CH242 V5 ; RH1288 V3; RH2288 V3; RH2288H V3; XH310 V3; XH321 V3; XH321 V5; XH620 V3
CWE ID-CWE-287
Improper Authentication
CVE-2018-7067
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-0.63% / 69.42%
||
7 Day CHG~0.00%
Published-07 Dec, 2018 | 21:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Authentication bypass in Aruba ClearPass Policy Manager leads to complete cluster compromise. An authentication flaw in all versions of ClearPass could allow an attacker to compromise the entire cluster through a specially crafted API call. Network access to the administrative web interface is required to exploit this vulnerability. Resolution: Fixed in 6.7.6 and 6.6.10-hotfix.

Action-Not Available
Vendor-Aruba NetworksHewlett Packard Enterprise (HPE)
Product-clearpass_policy_managerAruba ClearPass Policy Manager
CWE ID-CWE-287
Improper Authentication
CVE-2018-7941
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-8.8||HIGH
EPSS-0.08% / 24.62%
||
7 Day CHG~0.00%
Published-10 May, 2018 | 14:00
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause privilege elevation.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ch242_v5_firmwarech242_v52288h_v5ch121l_v5_firmwarerh1288_v3xh620_v31288h_v5ch121l_v3_firmwarech121_v52488_v5ch140l_v3_firmwarech121_v3ch222_v3ch121l_v3ch222_v3_firmwarexh310_v3_firmwarech140_v3_firmwarech140_v3xh321_v5_firmwarexh321_v5ch220_v3_firmwarech140l_v3rh2288_v3_firmwarexh321_v3_firmware1288h_v5_firmwarerh2288h_v3_firmwarexh620_v3_firmwarech121_v3_firmwarerh1288_v3_firmwarech121l_v5rh2288h_v3xh310_v32288h_v5_firmwarerh2288_v32488_v5_firmwarexh321_v3ch121_v5_firmwarech220_v3ch242_v3ch242_v3_firmwareiBMC
CWE ID-CWE-287
Improper Authentication
CVE-2019-13526
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.8||HIGH
EPSS-0.68% / 70.56%
||
7 Day CHG~0.00%
Published-29 Aug, 2019 | 22:48
Updated-04 Aug, 2024 | 23:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Datalogic AV7000 Linear barcode scanner all versions prior to 4.6.0.0 is vulnerable to authentication bypass, which may allow an attacker to remotely execute arbitrary code.

Action-Not Available
Vendor-datalogicn/a
Product-av7000av7000_firmwareDatalogic AV7000 Linear barcode scanner
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-287
Improper Authentication
CVE-2020-4205
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5||MEDIUM
EPSS-0.08% / 25.22%
||
7 Day CHG~0.00%
Published-19 Mar, 2020 | 13:40
Updated-16 Sep, 2024 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.8 could allow an authenticated user to bypass security restrictions, and continue to access the server even after authentication certificates have been revolked. IBM X-Force ID: 174961.

Action-Not Available
Vendor-IBM Corporation
Product-datapower_gatewayDataPower Gateway
CWE ID-CWE-287
Improper Authentication
CVE-2021-33539
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.2||HIGH
EPSS-0.33% / 55.32%
||
7 Day CHG~0.00%
Published-25 Jun, 2021 | 18:26
Updated-16 Sep, 2024 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WEIDMUELLER: WLAN devices affected by authentication bypass vulnerability

In Weidmueller Industrial WLAN devices in multiple versions an exploitable authentication bypass vulnerability exists in the hostname processing. A specially configured device hostname can cause the device to interpret selected remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability.

Action-Not Available
Vendor-weidmuellerWeidmüller
Product-ie-wlt-vl-ap-br-cl-euie-wl-bl-ap-cl-euie-wl-bl-ap-cl-us_firmwareie-wlt-bl-ap-cl-eu_firmwareie-wlt-vl-ap-br-cl-eu_firmwareie-wl-vl-ap-br-cl-us_firmwareie-wlt-bl-ap-cl-us_firmwareie-wl-vl-ap-br-cl-usie-wl-vl-ap-br-cl-euie-wlt-bl-ap-cl-usie-wl-bl-ap-cl-usie-wl-bl-ap-cl-eu_firmwareie-wlt-bl-ap-cl-euie-wlt-vl-ap-br-cl-usie-wlt-vl-ap-br-cl-us_firmwareie-wl-vl-ap-br-cl-eu_firmwareIE-WL(T)-BL-AP-CL-XXIE-WL(T)-VL-AP-CL-XX
CWE ID-CWE-287
Improper Authentication
CVE-2018-4836
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.67% / 70.42%
||
7 Day CHG~0.00%
Published-25 Jan, 2018 | 14:00
Updated-16 Sep, 2024 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic < V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic's port 8000/tcp could escalate his privileges and perform administrative operations.

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-287
Improper Authentication
CVE-2014-2062
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-6.5||MEDIUM
EPSS-0.15% / 36.12%
||
7 Day CHG~0.00%
Published-17 Oct, 2014 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jenkins before 1.551 and LTS before 1.532.2 does not invalidate the API token when a user is deleted, which allows remote authenticated users to retain access via the token.

Action-Not Available
Vendor-n/aJenkins
Product-jenkinsn/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-21263
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.34% / 55.77%
||
7 Day CHG~0.00%
Published-19 Jun, 2020 | 16:45
Updated-05 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. An attacker could authenticate to a different user's account via a crafted SAML response.

Action-Not Available
Vendor-n/aMattermost, Inc.
Product-mattermost_servern/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-18877
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.19% / 40.62%
||
7 Day CHG~0.00%
Published-18 Jun, 2019 | 14:26
Updated-05 Aug, 2024 | 11:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can access an alternative configuration page config_main.php that allows manipulation of the device.

Action-Not Available
Vendor-columbiaweathern/a
Product-weather_microserver_firmwareweather_microservern/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-1672
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5||MEDIUM
EPSS-0.24% / 46.70%
||
7 Day CHG~0.00%
Published-01 Oct, 2018 | 15:00
Updated-17 Sep, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user. IBM X-Force ID: 144958.

Action-Not Available
Vendor-IBM Corporation
Product-websphere_portalWebSphere Portal
CWE ID-CWE-287
Improper Authentication
CVE-2018-12613
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-94.14% / 99.90%
||
7 Day CHG~0.00%
Published-21 Jun, 2018 | 20:00
Updated-05 Aug, 2024 | 08:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication).

Action-Not Available
Vendor-n/aphpMyAdmin
Product-phpmyadminn/a
CWE ID-CWE-287
Improper Authentication
CVE-2009-0030
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.03% / 76.37%
||
7 Day CHG~0.00%
Published-21 Jan, 2009 | 20:00
Updated-07 Aug, 2024 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remote authenticated users to access other users' folder lists and configuration data in opportunistic circumstances by using the standard webmail.php interface. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3663.

Action-Not Available
Vendor-n/aSquirrelMail
Product-squirrelmailn/a
CWE ID-CWE-287
Improper Authentication
CVE-2024-11209
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.17% / 39.07%
||
7 Day CHG~0.00%
Published-14 Nov, 2024 | 13:31
Updated-19 Nov, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apereo CAS 2FA login improper authentication

A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an unknown part of the file /login?service of the component 2FA. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-apereoApereoapereo
Product-central_authentication_serviceCAScas_server
CWE ID-CWE-287
Improper Authentication
CVE-2018-0435
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.1||CRITICAL
EPSS-1.60% / 80.94%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Umbrella API Unauthorized Access Vulnerability

A vulnerability in the Cisco Umbrella API could allow an authenticated, remote attacker to view and modify data across their organization and other organizations. The vulnerability is due to insufficient authentication configurations for the API interface of Cisco Umbrella. An attacker could exploit this vulnerability to view and potentially modify data for their organization or other organizations. A successful exploit could allow the attacker to read or modify data across multiple organizations.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-umbrellaCisco Umbrella
CWE ID-CWE-287
Improper Authentication
CVE-2018-0195
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.31% / 53.57%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 22:00
Updated-02 Dec, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco IOS XE Software REST API could allow an authenticated, remote attacker to bypass API authorization checks and use the API to perform privileged actions on an affected device. The vulnerability is due to insufficient authorization checks for requests that are sent to the REST API of the affected software. An attacker could exploit this vulnerability by sending a malicious request to an affected device via the REST API. A successful exploit could allow the attacker to selectively bypass authorization checks for the REST API of the affected software and use the API to perform privileged actions on an affected device. Cisco Bug IDs: CSCuz56428.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xeCisco IOS XE
CWE ID-CWE-287
Improper Authentication
CVE-2016-10826
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.43% / 61.72%
||
7 Day CHG~0.00%
Published-01 Aug, 2019 | 18:28
Updated-06 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering requests (SEC-93).

Action-Not Available
Vendor-n/acPanel (WebPros International, LLC)
Product-cpaneln/a
CWE ID-CWE-287
Improper Authentication
CVE-2022-1049
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.13% / 33.41%
||
7 Day CHG+0.01%
Published-25 Mar, 2022 | 18:03
Updated-02 Aug, 2024 | 23:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.

Action-Not Available
Vendor-clusterlabsn/aDebian GNU/Linux
Product-debian_linuxpcsclusterlabs/pcs
CWE ID-CWE-287
Improper Authentication
CVE-2015-8332
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.24% / 47.61%
||
7 Day CHG~0.00%
Published-28 Aug, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei Video Content Management (VCM) before V100R001C10SPC001 does not properly "authenticate online user identities and privileges," which allows remote authenticated users to gain privileges and perform a case operation as another user via a crafted message, aka "Horizontal Privilege Escalation Vulnerability."

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-vcm5020vcm5020_firmwarevcm5010vcm5010_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2015-8269
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-7.5||HIGH
EPSS-0.79% / 72.94%
||
7 Day CHG~0.00%
Published-04 Feb, 2016 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The API on Fisher-Price Smart Toy Bear devices allows remote attackers to obtain sensitive information or modify data by leveraging presence in an 802.11 network's coverage area and entering an account number.

Action-Not Available
Vendor-fisher-pricen/a
Product-smart_toy_bearn/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-6960
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-8.8||HIGH
EPSS-4.52% / 88.71%
||
7 Day CHG~0.00%
Published-20 Apr, 2018 | 13:00
Updated-16 Sep, 2024 | 23:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Horizon DaaS (7.x before 8.0.0) contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS.

Action-Not Available
Vendor-VMware (Broadcom Inc.)
Product-horizon_daasHorizon DaaS
CWE ID-CWE-287
Improper Authentication
CVE-2014-0132
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.57% / 67.70%
||
7 Day CHG~0.00%
Published-18 Mar, 2014 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SASL/GSSAPI bind.

Action-Not Available
Vendor-n/aFedora Project
Product-389_directory_servern/a
CWE ID-CWE-287
Improper Authentication
CVE-2022-24857
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.3||HIGH
EPSS-0.23% / 46.16%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 18:50
Updated-23 Apr, 2025 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multi factor authentication bypass in django-mfa3

django-mfa3 is a library that implements multi factor authentication for the django web framework. It achieves this by modifying the regular login view. Django however has a second login view for its admin area. This second login view was not modified, so the multi factor authentication can be bypassed. Users are affected if they have activated both django-mfa3 (< 0.5.0) and django.contrib.admin and have not taken any other measures to prevent users from accessing the admin login view. The issue has been fixed in django-mfa3 0.5.0. It is possible to work around the issue by overwriting the admin login route, e.g. by adding the following URL definition *before* the admin routes: url('admin/login/', lambda request: redirect(settings.LOGIN_URL)

Action-Not Available
Vendor-django-mfa3_projectxi
Product-django-mfa3django-mfa3
CWE ID-CWE-287
Improper Authentication
CVE-2019-8634
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-8.8||HIGH
EPSS-0.41% / 60.76%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 17:33
Updated-04 Aug, 2024 | 21:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5. A user may be unexpectedly logged in to another user’s account.

Action-Not Available
Vendor-Apple Inc.
Product-mac_os_xmacOS
CWE ID-CWE-287
Improper Authentication
CVE-2008-3428
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.42% / 61.25%
||
7 Day CHG~0.00%
Published-31 Jul, 2008 | 22:00
Updated-07 Aug, 2024 | 09:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Session fixation vulnerability in phpFreeChat 1.1 allows remote authenticated users to hijack web sessions by setting the session_id parameter to match the victim's nickid parameter.

Action-Not Available
Vendor-phpfreechatn/a
Product-phpfreechatn/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-1317
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-8.8||HIGH
EPSS-3.48% / 87.09%
||
7 Day CHG~0.00%
Published-23 Apr, 2019 | 14:45
Updated-05 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication.

Action-Not Available
Vendor-The Apache Software Foundation
Product-zeppelinApache Zeppelin
CWE ID-CWE-287
Improper Authentication
CVE-2021-22858
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.30% / 52.64%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 10:45
Updated-17 Sep, 2024 | 01:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ChanGate EnterPrise Co., Ltd property management system - Broken Authentication

Attackers can access the CGE account management function without privilege for permission elevation and execute arbitrary commands or files after obtaining user permissions.

Action-Not Available
Vendor-changjia_property_management_system_projectChanGate EnterPrise Co., Ltd
Product-changjia_property_management_systemproperty management system
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2022-23652
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.39% / 58.93%
||
7 Day CHG~0.00%
Published-22 Feb, 2022 | 19:55
Updated-22 Apr, 2025 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege escalation using hop-by-hop Connection header

capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious `Connection` header to start a privilege escalation attack towards the Kubernetes API Server. This vulnerability allows for an exploit of the `cluster-admin` Role bound to `capsule-proxy`. There are no known workarounds for this issue.

Action-Not Available
Vendor-clastixclastix
Product-capsule-proxycapsule-proxy
CWE ID-CWE-287
Improper Authentication
CVE-2021-22497
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
CVSS Score-3.8||LOW
EPSS-0.25% / 47.77%
||
7 Day CHG~0.00%
Published-12 Apr, 2021 | 20:53
Updated-16 Sep, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Advanced Authentication Improper Session Management

Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.

Action-Not Available
Vendor-Micro Focus International Limited
Product-netiq_advanced_authenticationAdvanced Authentication
CWE ID-CWE-287
Improper Authentication
CVE-2018-10847
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.2||MEDIUM
EPSS-1.26% / 78.53%
||
7 Day CHG~0.00%
Published-30 Jul, 2018 | 16:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authentication Bypass. Prosody did not verify that the virtual host associated with a user session remained the same across stream restarts. A user may authenticate to XMPP host A and migrate their authenticated session to XMPP host B of the same Prosody instance.

Action-Not Available
Vendor-prosody[UNKNOWN]
Product-prosodyprosody
CWE ID-CWE-592
DEPRECATED: Authentication Bypass Issues
CWE ID-CWE-287
Improper Authentication
CVE-2007-5374
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.49% / 87.12%
||
7 Day CHG~0.00%
Published-11 Oct, 2007 | 10:00
Updated-07 Aug, 2024 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cp_memberedit.php in LightBlog 8.4.1.1 does not check for administrative credentials when processing an admin action, which allows remote authenticated users to increase the privileges of any account.

Action-Not Available
Vendor-lightblogn/a
Product-lightblogn/a
CWE ID-CWE-287
Improper Authentication
CVE-2017-8194
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-8.8||HIGH
EPSS-0.49% / 64.40%
||
7 Day CHG~0.00%
Published-22 Nov, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-fusionsphere_openstackFusionSphere OpenStack
CWE ID-CWE-287
Improper Authentication
CVE-2017-2689
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.53% / 66.33%
||
7 Day CHG~0.00%
Published-29 Mar, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings.

Action-Not Available
Vendor-n/aSiemens AG
Product-ruggedcom_rox_iRUGGEDCOM ROX I All versions
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-287
Improper Authentication
CVE-2020-15149
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.9||CRITICAL
EPSS-0.44% / 62.18%
||
7 Day CHG~0.00%
Published-19 Aug, 2020 | 17:50
Updated-04 Aug, 2024 | 13:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Account takeover in NodeBB

NodeBB before version 1.14.3 has a bug introduced in version 1.12.2 in the validation logic that makes it possible to change the password of any user on a running NodeBB forum by sending a specially crafted socket.io call to the server. This could lead to a privilege escalation event due via an account takeover. As a workaround you may cherry-pick the following commit from the project's repository to your running instance of NodeBB: 16cee1b03ba3eee177834a1fdac4aa8a12b39d2a. This is fixed in version 1.14.3.

Action-Not Available
Vendor-nodebbNodeBB
Product-nodebbNodeBB
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-287
Improper Authentication
CVE-2020-13290
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.92%
||
7 Day CHG~0.00%
Published-12 Aug, 2020 | 14:24
Updated-04 Aug, 2024 | 12:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page

Action-Not Available
Vendor-GitLab Inc.
Product-gitlabGitLab
CWE ID-CWE-287
Improper Authentication
CVE-2016-10831
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.56% / 67.25%
||
7 Day CHG~0.00%
Published-01 Aug, 2019 | 16:25
Updated-06 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101).

Action-Not Available
Vendor-n/acPanel (WebPros International, LLC)
Product-cpaneln/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-7666
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-21.09% / 95.44%
||
7 Day CHG~0.00%
Published-01 Jul, 2019 | 18:27
Updated-04 Aug, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Prima Systems FlexAir, Versions 2.3.38 and prior. The application allows improper authentication using the MD5 hash value of the password, which may allow an attacker with access to the database to login as admin without decrypting the password.

Action-Not Available
Vendor-primasystemsn/a
Product-flexairn/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-43116
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-7.48% / 91.40%
||
7 Day CHG~0.00%
Published-05 Jul, 2022 | 00:00
Updated-04 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login.

Action-Not Available
Vendor-alibaban/a
Product-nacosn/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-41265
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.1||HIGH
EPSS-0.33% / 55.10%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 16:40
Updated-07 Mar, 2025 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Authentication in Flask-AppBuilder

Flask-AppBuilder is a development framework built on top of Flask. Verions prior to 3.3.4 contain an improper authentication vulnerability in the REST API. The issue allows for a malicious actor with a carefully crafted request to successfully authenticate and gain access to existing protected REST API endpoints. This only affects non database authentication types and new REST API endpoints. Users should upgrade to Flask-AppBuilder 3.3.4 to receive a patch.

Action-Not Available
Vendor-dpgaspardpgaspar
Product-flask-appbuilderFlask-AppBuilder
CWE ID-CWE-287
Improper Authentication
CVE-2021-27522
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.55% / 66.91%
||
7 Day CHG~0.00%
Published-08 Apr, 2021 | 15:13
Updated-03 Aug, 2024 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Learnsite 1.2.5.0 contains a remote privilege escalation vulnerability in /Manager/index.aspx through the JudgIsAdmin() function. By modifying the initial letter of the key of a user cookie, the key of the administrator cookie can be obtained.

Action-Not Available
Vendor-learnsite_projectn/a
Product-learnsiten/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-26077
Matching Score-4
Assigner-Atlassian
ShareView Details
Matching Score-4
Assigner-Atlassian
CVSS Score-9.1||CRITICAL
EPSS-0.39% / 59.10%
||
7 Day CHG~0.00%
Published-09 May, 2021 | 23:55
Updated-12 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app.

Action-Not Available
Vendor-Atlassian
Product-connect_spring_bootAtlassian Connect Spring Boot (ACSB)
CWE ID-CWE-287
Improper Authentication
CVE-2021-20288
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.18% / 39.75%
||
7 Day CHG~0.00%
Published-15 Apr, 2021 | 00:00
Updated-03 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id previously associated with another user, as ceph does not force the reuse of old keys to generate new ones. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-n/aRed Hat, Inc.Debian GNU/LinuxFedora ProjectThe Linux Foundation
Product-ceph_storagecephdebian_linuxfedoraceph
CWE ID-CWE-287
Improper Authentication
CVE-2020-8828
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.43% / 61.66%
||
7 Day CHG~0.00%
Published-08 Apr, 2020 | 19:49
Updated-07 Aug, 2024 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are not meant to be kept secret and could wind up just about anywhere.

Action-Not Available
Vendor-argoprojn/a
Product-argo_cdn/a
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default
CVE-2020-4662
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 34.12%
||
7 Day CHG~0.00%
Published-14 Aug, 2020 | 12:40
Updated-16 Sep, 2024 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Event Streams 10.0.0 could allow an authenticated user to perform tasks to a schema due to improper authentication validation. IBM X-Force ID: 186233.

Action-Not Available
Vendor-IBM Corporation
Product-event_streamsEvent Streams
CWE ID-CWE-287
Improper Authentication
  • Previous
  • 1
  • 2
  • Next
Details not found