Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-12049

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-08 Jun, 2018 | 01:00
Updated At-05 Aug, 2024 | 08:24
Rejected At-
Credits

A remote attacker can bypass the System Manager Mode on the Canon LBP6030w web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the default settings without using the countermeasures and best practices shown in the documentation

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:08 Jun, 2018 | 01:00
Updated At:05 Aug, 2024 | 08:24
Rejected At:
▼CVE Numbering Authority (CNA)

A remote attacker can bypass the System Manager Mode on the Canon LBP6030w web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the default settings without using the countermeasures and best practices shown in the documentation

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.exploit-db.com/exploits/44886/
exploit
x_refsource_EXPLOIT-DB
https://gist.github.com/huykha/0381acb2dc580c728a79452b60fa082c
x_refsource_MISC
Hyperlink: https://www.exploit-db.com/exploits/44886/
Resource:
exploit
x_refsource_EXPLOIT-DB
Hyperlink: https://gist.github.com/huykha/0381acb2dc580c728a79452b60fa082c
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.exploit-db.com/exploits/44886/
exploit
x_refsource_EXPLOIT-DB
x_transferred
https://gist.github.com/huykha/0381acb2dc580c728a79452b60fa082c
x_refsource_MISC
x_transferred
Hyperlink: https://www.exploit-db.com/exploits/44886/
Resource:
exploit
x_refsource_EXPLOIT-DB
x_transferred
Hyperlink: https://gist.github.com/huykha/0381acb2dc580c728a79452b60fa082c
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:08 Jun, 2018 | 01:29
Updated At:17 May, 2024 | 01:22

A remote attacker can bypass the System Manager Mode on the Canon LBP6030w web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the default settings without using the countermeasures and best practices shown in the documentation

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.0
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches

Canon Inc.
canon
>>lbp6030w_firmware>>-
cpe:2.3:o:canon:lbp6030w_firmware:-:*:*:*:*:*:*:*
Canon Inc.
canon
>>lbp6030w>>-
cpe:2.3:h:canon:lbp6030w:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Primarynvd@nist.gov
CWE ID: CWE-287
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://gist.github.com/huykha/0381acb2dc580c728a79452b60fa082ccve@mitre.org
Broken Link
Third Party Advisory
https://www.exploit-db.com/exploits/44886/cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: https://gist.github.com/huykha/0381acb2dc580c728a79452b60fa082c
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
Hyperlink: https://www.exploit-db.com/exploits/44886/
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

414Records found

CVE-2018-16286
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 62.13%
||
7 Day CHG~0.00%
Published-14 Sep, 2018 | 21:00
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits.

Action-Not Available
Vendor-n/aLG Electronics Inc.
Product-supersign_cmsn/a
CWE ID-CWE-287
Improper Authentication
CVE-2015-7938
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-1.33% / 79.16%
||
7 Day CHG~0.00%
Published-09 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Advantech EKI-132x devices with firmware before 2015-12-31 allow remote attackers to bypass authentication via unspecified vectors.

Action-Not Available
Vendor-n/aAdvantech (Advantech Co., Ltd.)
Product-eki-1321_series_firmwareeki-1322eki-1321eki-1322_series_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2015-7755
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-87.09% / 99.41%
||
7 Day CHG~0.00%
Published-19 Dec, 2015 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows remote attackers to obtain administrative access by entering an unspecified password during a (1) SSH or (2) TELNET session.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-screenosn/a
CWE ID-CWE-287
Improper Authentication
CVE-2015-7224
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.73% / 71.70%
||
7 Day CHG~0.00%
Published-21 Dec, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass authentication by leveraging creation of a database account without a password when a 'mysql_user' user parameter contains a host with a netmask.

Action-Not Available
Vendor-n/aPerforce Software, Inc. ("Puppet")
Product-puppetlabs-mysqln/a
CWE ID-CWE-287
Improper Authentication
CVE-2014-2075
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.52% / 84.81%
||
7 Day CHG~0.00%
Published-27 Feb, 2014 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TIBCO Enterprise Administrator 1.0.0 and Enterprise Administrator SDK 1.0.0 do not properly enforce administrative authentication requirements, which allows remote attackers to execute arbitrary commands via unspecified vectors.

Action-Not Available
Vendor-n/aTIBCO (Cloud Software Group, Inc.)
Product-enterprise_administratorenterprise_administrator_sdkn/a
CWE ID-CWE-287
Improper Authentication
CVE-2014-1982
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-10||HIGH
EPSS-17.89% / 94.89%
||
7 Day CHG~0.00%
Published-28 Mar, 2014 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The administrative interface in Allied Telesis AT-RG634A ADSL Broadband router 3.3+, iMG624A firmware 3.5, iMG616LH firmware 2.4, and iMG646BD firmware 3.5 allows remote attackers to gain privileges and execute arbitrary commands via a direct request to cli.html.

Action-Not Available
Vendor-alliedtelesisn/a
Product-img616lhimg624a_firmwareimg646bd_firmwareimg624aat-rg634a_firmwareimg646bdimg616lh_firmwareat-rg634an/a
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-15751
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.86% / 74.08%
||
7 Day CHG~0.00%
Published-24 Oct, 2018 | 22:00
Updated-05 Aug, 2024 | 10:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).

Action-Not Available
Vendor-saltstackn/a
Product-saltn/a
CWE ID-CWE-287
Improper Authentication
CVE-2014-2609
Matching Score-4
Assigner-HP Inc.
ShareView Details
Matching Score-4
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-26.17% / 96.09%
||
7 Day CHG~0.00%
Published-19 Jun, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116.

Action-Not Available
Vendor-n/aHP Inc.
Product-executive_scorecardn/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-16028
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-3.42% / 87.00%
||
7 Day CHG~0.00%
Published-23 Sep, 2020 | 00:26
Updated-26 Nov, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Management Center Lightweight Directory Access Protocol Authentication Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to gain administrative access to the web-based management interface of the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_firewall_management_centerCisco Firepower Management Center
CWE ID-CWE-287
Improper Authentication
CVE-2015-6314
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.07% / 76.81%
||
7 Day CHG~0.00%
Published-15 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bug ID CSCuw06153.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-wireless_lan_controller_softwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-24148
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-9.8||CRITICAL
EPSS-5.63% / 89.98%
||
7 Day CHG~0.00%
Published-18 Mar, 2021 | 14:57
Updated-03 Aug, 2024 | 19:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MStore API < 3.2.0 - Authentication Bypass With Sign In With Apple

A business logic issue in the MStore API WordPress plugin, versions before 3.2.0, had an authentication bypass with Sign In With Apple allowing unauthenticated users to recover an authentication cookie with only an email address.

Action-Not Available
Vendor-inspireuiUnknown
Product-mstore_apiMStore API
CWE ID-CWE-287
Improper Authentication
CVE-2021-42338
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.81% / 73.29%
||
7 Day CHG~0.00%
Published-19 Nov, 2021 | 09:05
Updated-17 Sep, 2024 | 00:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
4MOSAn GCB Doctor - Improper Authorization

4MOSAn GCB Doctor’s login page has improper validation of Cookie, which allows an unauthenticated remote attacker to bypass authentication by code injection in cookie, and arbitrarily manipulate the system or interrupt services by upload and execution of arbitrary files.

Action-Not Available
Vendor-4mosan4MOSAn
Product-gcb_doctorGCB Doctor
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-287
Improper Authentication
CVE-2018-14705
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.71%
||
7 Day CHG~0.00%
Published-24 Feb, 2020 | 18:16
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Lack of Authentication/Authorization on Administrative Web Pages

In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. As a result, any user capable of accessing the device over the network may interact with and control these applications. This not only poses a severe risk to the availability of these applications, but also poses severe risks to the confidentiality and integrity of data stored within the applications and the device itself.

Action-Not Available
Vendor-drobon/a
Product-5n2_firmware5n2n/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-14805
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-1.32% / 79.06%
||
7 Day CHG~0.00%
Published-29 Aug, 2018 | 16:00
Updated-17 Sep, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Both conditions are required to exploit this vulnerability.

Action-Not Available
Vendor-ICS-CERTHitachi Energy Ltd.
Product-esomsABB eSOMS
CWE ID-CWE-287
Improper Authentication
CVE-2018-14709
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.62% / 69.22%
||
7 Day CHG~0.00%
Published-03 Dec, 2018 | 22:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect access control in the Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to bypass authentication due to insecure token generation.

Action-Not Available
Vendor-drobon/a
Product-5n2_firmware5n2n/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-14708
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 64.20%
||
7 Day CHG~0.00%
Published-03 Dec, 2018 | 22:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An insecure transport protocol used by Drobo Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to intercept network traffic.

Action-Not Available
Vendor-drobon/a
Product-5n2_firmware5n2n/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-15556
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.54% / 84.88%
||
7 Day CHG~0.00%
Published-27 Jun, 2019 | 16:55
Updated-05 Aug, 2024 | 09:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers.

Action-Not Available
Vendor-n/aActiontec (Actiontec Electronics, Inc.)
Product-web6000qweb6000q_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-14643
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-8.95% / 92.25%
||
7 Day CHG~0.00%
Published-21 Sep, 2018 | 13:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. A malicious attacker can use this flaw to remotely execute arbitrary commands on machines managed by vulnerable Foreman instances, in a highly privileged context.

Action-Not Available
Vendor-[UNKNOWN]The Foreman
Product-foremansmart_proxy_dynflow
CWE ID-CWE-592
DEPRECATED: Authentication Bypass Issues
CWE ID-CWE-287
Improper Authentication
CVE-2018-13990
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.6||HIGH
EPSS-1.28% / 78.76%
||
7 Day CHG~0.00%
Published-06 May, 2019 | 18:47
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts.

Action-Not Available
Vendor-n/aPhoenix Contact GmbH & Co. KG
Product-fl_switch_4808e-16fx_sm-4gcfl_switch_3004t-fx_st_firmwarefl_switch_4808e-16fx_lc-4gcfl_switch_3006t-2fx_sm_firmwarefl_switch_4008t-2gt-4fx_smfl_switch_3016_firmwarefl_switch_3016tfl_switch_4008t-2gt-3fx_sm_firmwarefl_switch_4808e-16fx_sm_st-4gcfl_switch_3004t-fx_stfl_switch_3016fl_switch_4808e-16fx-4gc_firmwarefl_switch_3005tfl_switch_4808e-16fx-4gcfl_switch_4012t-2gt-2fx_stfl_switch_3012e-2sfx_firmwarefl_switch_3004t-fxfl_switch_4824e-4gcfl_switch_3005t_firmwarefl_switch_3008t_firmwarefl_switch_4824e-4gc_firmwarefl_switch_4808e-16fx_st-4gc_firmwarefl_switch_4008t-2sfpfl_switch_3008fl_switch_4012t_2gt_2fxfl_switch_3012e-2fx_sm_firmwarefl_switch_3004t-fx_firmwarefl_switch_3006t-2fx_stfl_switch_4808e-16fx_sm_lc-4gc_firmwarefl_switch_3006t-2fx_st_firmwarefl_switch_3006t-2fx_firmwarefl_switch_4008t-2gt-3fx_smfl_switch_4800e-24fx_sm-4gcfl_switch_4800e-24fx_sm-4gc_firmwarefl_switch_4808e-16fx_sm_st-4gc_firmwarefl_switch_4008t-2gt-4fx_sm_firmwarefl_switch_4012t_2gt_2fx_firmwarefl_switch_4808e-16fx_lc-4gc_firmwarefl_switch_3016t_firmwarefl_switch_3016efl_switch_3006t-2fxfl_switch_3008_firmwarefl_switch_3012e-2sfxfl_switch_4000t-8poe-2sfp-rfl_switch_4008t-2sfp_firmwarefl_switch_4012t-2gt-2fx_st_firmwarefl_switch_3005fl_switch_4808e-16fx_st-4gcfl_switch_4808e-16fx_sm_lc-4gcfl_switch_4800e-24fx-4gcfl_switch_4808e-16fx_sm-4gc_firmwarefl_switch_4000t-8poe-2sfp-r_firmwarefl_switch_3016e_firmwarefl_switch_3008tfl_switch_3006t-2fx_smfl_switch_4800e-24fx-4gc_firmwarefl_switch_3012e-2fx_smfl_switch_3005_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-14078
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.54% / 80.65%
||
7 Day CHG~0.00%
Published-20 Aug, 2018 | 20:00
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to reset the admin password via the /ConfigWizard/ChangePwd.esp?2admin URL (Attackers can login using the "admin" username with password "admin" after a successful attack).

Action-Not Available
Vendor-wi2ben/a
Product-smart_hp_wmtn/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-1343
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-4
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 63.78%
||
7 Day CHG~0.00%
Published-06 Mar, 2018 | 20:00
Updated-17 Sep, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PAM exposure enabling unauthenticated access to remote host

Action-Not Available
Vendor-netiqMicro Focus International Limited
Product-privileged_account_managerNetIQ Privileged Account Manager (PAM) 3.1 and 3.2
CWE ID-CWE-287
Improper Authentication
CVE-2008-4223
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.00% / 76.02%
||
7 Day CHG~0.00%
Published-17 Dec, 2008 | 01:00
Updated-07 Aug, 2024 | 10:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Podcast Producer in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to bypass authentication and gain administrative access via unspecified vectors.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_x_servern/a
CWE ID-CWE-287
Improper Authentication
CVE-2013-7465
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-9.24% / 92.40%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 05:00
Updated-16 Sep, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ice Cold Apps Servers Ultimate 6.0.2(12) does not require authentication for TELNET, SSH, or FTP, which allows remote attackers to execute arbitrary code by uploading PHP scripts.

Action-Not Available
Vendor-icecoldappsn/a
Product-servers_ultimaten/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-12242
Matching Score-4
Assigner-Symantec - A Division of Broadcom
ShareView Details
Matching Score-4
Assigner-Symantec - A Division of Broadcom
CVSS Score-9.8||CRITICAL
EPSS-6.45% / 90.68%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 15:00
Updated-16 Sep, 2024 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an authentication bypass exploit, which is a type of issue that can allow attackers to potentially circumvent security mechanisms currently in place and gain access to the system or network.

Action-Not Available
Vendor-Symantec Corporation
Product-messaging_gatewaySymantec Messaging Gateway
CWE ID-CWE-287
Improper Authentication
CVE-2013-6920
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.39% / 79.62%
||
7 Day CHG~0.00%
Published-07 Dec, 2013 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens SINAMICS S/G controllers with firmware before 4.6.11 do not require authentication for FTP and TELNET sessions, which allows remote attackers to bypass intended access restrictions via TCP traffic to port (1) 21 or (2) 23.

Action-Not Available
Vendor-n/aSiemens AG
Product-sinamics_s110sinamics_g120psinamics_s120cmsinamics_s150sinamics_g120sinamics_g130sinamics_s120sinamics_g150sinamics_g120dsinamics_g180sinamics_g110sinamics_g110dsinamics_s\/g_family_firmwaresinamics_g120cn/a
CWE ID-CWE-287
Improper Authentication
CVE-2013-7282
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.66% / 88.89%
||
7 Day CHG-0.34%
Published-10 Jan, 2014 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The management web interface on the Nisuta NS-WIR150NE router with firmware 5.07.41 and Nisuta NS-WIR300N router with firmware 5.07.36_NIS01 allows remote attackers to bypass authentication via a "Cookie: :language=en" HTTP header.

Action-Not Available
Vendor-nisutan/a
Product-ns-wir150nens-wir150ne_firmwarens-wir300n_firmwarens-wir300nn/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-23857
Matching Score-4
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-4
Assigner-Robert Bosch GmbH
CVSS Score-10||CRITICAL
EPSS-0.45% / 62.51%
||
7 Day CHG~0.00%
Published-04 Oct, 2021 | 17:32
Updated-03 Aug, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Login with hash

Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to subsequently login to the system.

Action-Not Available
Vendor-Bosch Rexroth AGRobert Bosch GmbH
Product-rexroth_indramotion_mlc_l45rexroth_indramotion_mlc_xm42rexroth_indramotion_xlc_firmwarerexroth_indramotion_mlc_l25_firmwarerexroth_indramotion_mlc_xm21_firmwarerexroth_indramotion_mlc_l20_firmwarerexroth_indramotion_mlc_xm41_firmwarerexroth_indramotion_mlc_l65rexroth_indramotion_xlcrexroth_indramotion_mlc_l40_firmwarerexroth_indramotion_mlc_l75rexroth_indramotion_mlc_l85_firmwarerexroth_indramotion_mlc_xm22rexroth_indramotion_mlc_l45_firmwarerexroth_indramotion_mlc_l25rexroth_indramotion_mlc_xm22_firmwarerexroth_indramotion_mlc_xm41rexroth_indramotion_mlc_xm42_firmwarerexroth_indramotion_mlc_l65_firmwarerexroth_indramotion_mlc_l40rexroth_indramotion_mlc_xm21rexroth_indramotion_mlc_l20rexroth_indramotion_mlc_l75_firmwarerexroth_indramotion_mlc_l85IndraMotion MLC L25, L45, L65, L75, L85, XM21, XM22, XM41 and XM42 IndraMotion XLCIndraMotion MLC L20, L40
CWE ID-CWE-836
Use of Password Hash Instead of Password for Authentication
CWE ID-CWE-287
Improper Authentication
CVE-2019-12564
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 58.73%
||
7 Day CHG~0.00%
Published-02 Jun, 2019 | 23:07
Updated-04 Aug, 2024 | 23:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In DouCo DouPHP v1.5 Release 20190516, remote attackers can view the database backup file via a brute-force guessing approach for data/backup/DyyyymmddThhmmss.sql filenames.

Action-Not Available
Vendor-doucon/a
Product-douphpn/a
CWE ID-CWE-287
Improper Authentication
CVE-2013-5511
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-10||HIGH
EPSS-1.84% / 82.21%
||
7 Day CHG~0.00%
Published-13 Oct, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.6) does not properly implement the authentication-certificate option, which allows remote attackers to bypass authentication via a TCP session to an ASDM interface, aka Bug ID CSCuh44815.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-12667
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.76% / 72.45%
||
7 Day CHG~0.00%
Published-19 Oct, 2018 | 22:00
Updated-05 Aug, 2024 | 08:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and modify the configuration. The vulnerability affects all versions.

Action-Not Available
Vendor-sv3cn/a
Product-h.264_poe_ip_camera_firmwaresv-b11vpoe-1080p-lsv-b01poe-1080p-lsv-d02poe-1080p-ln/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-10611
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-6.74% / 90.90%
||
7 Day CHG~0.00%
Published-04 Jun, 2018 | 14:00
Updated-16 Sep, 2024 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and support remote code execution through web services.

Action-Not Available
Vendor-geGE
Product-mds_pulsenetMDS PulseNET and MDS PulseNET Enterprise
CWE ID-CWE-287
Improper Authentication
CVE-2013-5944
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.49% / 80.26%
||
7 Day CHG~0.00%
Published-03 Oct, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which allows remote attackers to perform administrative actions via requests to the management interface.

Action-Not Available
Vendor-n/aSiemens AG
Product-scalance_x-200scalance_x-200irtscalance_x-200_series_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2013-6035
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-10||HIGH
EPSS-1.71% / 81.59%
||
7 Day CHG~0.00%
Published-04 Feb, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800B-DU204; Hughes Network Systems 9201, 9450, and 9502; Inmarsat; Japan Radio JUE-250 and JUE-500; and Thuraya IP satellite terminals does not require authentication for sessions on TCP port 1827, which allows remote attackers to execute arbitrary code via unspecified protocol operations.

Action-Not Available
Vendor-hughes_network_systemsjapan_radioinmarsatgatehouseharristhuraya_telecommunicationsn/a
Product-94509201jue-250bgan9502inmarsatjue-500ipgatehousen/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-1085
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9||CRITICAL
EPSS-1.48% / 80.19%
||
7 Day CHG~0.00%
Published-15 Jun, 2018 | 13:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote users to connect without any authentication if they can access the etcd server bound to the network on the master nodes. An attacker could use this flaw to read and modify all the data about the Openshift cluster in the etcd datastore, potentially adding another compute node, or bringing down the entire cluster.

Action-Not Available
Vendor-[UNKNOWN]Red Hat, Inc.
Product-openshift_container_platformopenshift-ansible
CWE ID-CWE-592
DEPRECATED: Authentication Bypass Issues
CWE ID-CWE-287
Improper Authentication
CVE-2018-11052
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-9.8||CRITICAL
EPSS-6.71% / 90.88%
||
7 Day CHG~0.00%
Published-03 Jul, 2018 | 17:00
Updated-17 Sep, 2024 | 04:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dell EMC ECS S3 Authentication Bypass Vulnerability

Dell EMC ECS versions 3.2.0.0 and 3.2.0.1 contain an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to read and modify S3 objects by supplying specially crafted S3 requests.

Action-Not Available
Vendor-dellemcDell Inc.
Product-elastic_cloud_storageECS
CWE ID-CWE-287
Improper Authentication
CVE-2018-11407
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.20% / 42.02%
||
7 Day CHG~0.00%
Published-13 Jun, 2018 | 16:00
Updated-05 Aug, 2024 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a "null" password and valid username, which triggers an unauthenticated bind. NOTE: this issue exists because of an incomplete fix for CVE-2016-2403.

Action-Not Available
Vendor-sensiolabsn/a
Product-symfonyn/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-10643
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 61.61%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 18:50
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Contao 4.7 allows Use of a Key Past its Expiration Date.

Action-Not Available
Vendor-n/aContao Association
Product-contao_cmsn/a
CWE ID-CWE-287
Improper Authentication
CVE-2013-5122
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.11% / 88.15%
||
7 Day CHG~0.00%
Published-07 Jan, 2020 | 13:29
Updated-06 Aug, 2024 | 17:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Linksys Routers EA2700, EA3500, E4200, EA4500: A bug can cause an unsafe TCP port to open which leads to unauthenticated access

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-linksys_e4200_firmwarelinksys_ea4500_firmwarelinksys_ea4500linksys_e4200linksys_ea3500_firmwarelinksys_ea2700linksys_ea3500linksys_ea2700_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-11018
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.35% / 56.60%
||
7 Day CHG~0.00%
Published-08 Apr, 2019 | 20:37
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

application\admin\controller\User.php in ThinkAdmin V4.0 does not prevent continued use of an administrator's cookie-based credentials after a password change.

Action-Not Available
Vendor-thinkadminn/a
Product-thinkadminn/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-11271
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 50.27%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:32
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication can happen on Remote command handling due to inappropriate handling of events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SM7150, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636sm7150_firmwaresd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresm7150sd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_652sd_425_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd855sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwaresxr1130msm8909wsd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwaresd_712sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630sd_625qm215sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwaresd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_850_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresd_430sd_427sd_670sd_435_firmwaresd855_firmwaresd_710sd_205sdm660_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-287
Improper Authentication
CVE-2013-4783
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.83% / 89.10%
||
7 Day CHG-0.58%
Published-08 Jul, 2013 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. NOTE: the vendor disputes the significance of this issue, stating "DRAC's are intended to be on a separate management network; they are not designed nor intended to be placed on or connected to the Internet."

Action-Not Available
Vendor-n/aDell Inc.
Product-idrac6_bmcn/a
CWE ID-CWE-287
Improper Authentication
CVE-2013-3367
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.51% / 65.47%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 20:43
Updated-06 Aug, 2024 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Undocumented TELNET service in TRENDnet TEW-691GR and TEW-692GR when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3.

Action-Not Available
Vendor-n/aTRENDnet, Inc.
Product-tew-691grtew-691gr_firmwaretew-692grtew-692gr_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-10630
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.28% / 51.14%
||
7 Day CHG~0.00%
Published-10 Aug, 2018 | 19:00
Updated-16 Sep, 2024 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

For Crestron TSW-X60 version prior to 2.001.0037.001 and MC3 version prior to 1.502.0047.001, The devices are shipped with authentication disabled, and there is no indication to users that they need to take steps to enable it. When compromised, the access to the CTP console is left open.

Action-Not Available
Vendor-ICS-CERTCrestron Electronics, Inc.
Product-tsw-1060-nc-w-stsw-760-nc-b-stsw-760-nc-w-smc3mc3_firmwaretsw-1060-nc-b-stsw-760-b-stsw-760-w-stsw-560-b-stsw-560-nc-b-stsw-560-w-stsw-x60_firmwaretsw-560-nc-w-stsw-1060-b-stsw-1060-w-sCrestron TSW-X60 version prior to 2.001.0037.001 and MC3 version prior to 1.502.0047.001
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-287
Improper Authentication
CVE-2013-3268
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.19% / 40.86%
||
7 Day CHG~0.00%
Published-24 Apr, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors.

Action-Not Available
Vendor-n/aNovell
Product-imanagern/a
CWE ID-CWE-287
Improper Authentication
CVE-2013-3091
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.03% / 89.33%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 18:03
Updated-06 Aug, 2024 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication using "Javascript debugging."

Action-Not Available
Vendor-n/aBelkin International, Inc.
Product-n300n300_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2013-3317
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.23% / 45.62%
||
7 Day CHG~0.00%
Published-29 Jan, 2020 | 21:18
Updated-06 Aug, 2024 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-wnr1000_firmwarewnr1000n/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-10603
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-3.06% / 86.19%
||
7 Day CHG~0.00%
Published-31 Jul, 2018 | 17:00
Updated-17 Sep, 2024 | 00:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the industrial process.

Action-Not Available
Vendor-martemMartem
Product-telem-gw6_firmwaretelem-gwm_firmwaretelem-gwmtelem-gw6TELEM GW6TELEM GWM
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-287
Improper Authentication
CVE-2018-13821
Matching Score-4
Assigner-CA Technologies - A Broadcom Company
ShareView Details
Matching Score-4
Assigner-CA Technologies - A Broadcom Company
CVSS Score-9.8||CRITICAL
EPSS-5.02% / 89.32%
||
7 Day CHG~0.00%
Published-30 Aug, 2018 | 14:00
Updated-16 Sep, 2024 | 22:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.

Action-Not Available
Vendor-
Product-unified_infrastructure_managementUnified Infrastructure Management
CWE ID-CWE-287
Improper Authentication
CVE-2018-0121
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-6.66% / 90.84%
||
7 Day CHG~0.00%
Published-22 Feb, 2018 | 00:00
Updated-02 Dec, 2024 | 21:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The vulnerability is due to improper security restrictions that are imposed by the web-based service portal of the affected software. An attacker could exploit this vulnerability by submitting an empty password value to an affected portal when prompted to enter an administrative password for the portal. A successful exploit could allow the attacker to bypass authentication and gain administrator privileges for the web-based service portal of the affected software. This vulnerability affects Cisco Elastic Services Controller Software Release 3.0.0. Cisco Bug IDs: CSCvg29809.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-elastic_services_controllervirtual_managed_servicesCisco Elastic Services Controller
CWE ID-CWE-287
Improper Authentication
CVE-2018-0318
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.49% / 84.71%
||
7 Day CHG~0.00%
Published-07 Jun, 2018 | 12:00
Updated-29 Nov, 2024 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the password reset function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of a password reset request. An attacker could exploit this vulnerability by submitting a password reset request and changing the password for any user on an affected system. An exploit could allow the attacker to gain administrative-level privileges on the affected system. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 11.6 and prior. Cisco Bug IDs: CSCvd07245.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-prime_collaborationprime_collaboration_provisioningCisco Prime Collaboration Provisioning unknown
CWE ID-CWE-255
Not Available
CWE ID-CWE-287
Improper Authentication
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 8
  • 9
  • Next
Details not found