Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-25036

Summary
Assigner-WPScan
Assigner Org ID-1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81
Published At-17 Jan, 2022 | 13:00
Updated At-03 Aug, 2024 | 19:49
Rejected At-
Credits

All In One SEO < 4.1.5.3 - Authenticated Privilege Escalation

The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue, which was discovered during an internal audit by the Jetpack Scan team, and may grant bad actors access to protected REST API endpoints they shouldn’t have access to. This could ultimately enable users with low-privileged accounts, like subscribers, to perform remote code execution on affected sites.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:WPScan
Assigner Org ID:1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81
Published At:17 Jan, 2022 | 13:00
Updated At:03 Aug, 2024 | 19:49
Rejected At:
▼CVE Numbering Authority (CNA)
All In One SEO < 4.1.5.3 - Authenticated Privilege Escalation

The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue, which was discovered during an internal audit by the Jetpack Scan team, and may grant bad actors access to protected REST API endpoints they shouldn’t have access to. This could ultimately enable users with low-privileged accounts, like subscribers, to perform remote code execution on affected sites.

Affected Products
Vendor
Unknown
Product
All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic
Versions
Affected
  • From 4.1.3.1 before 4.1.3.1* (custom)
  • From 4.1.5.3 before 4.1.5.3 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-287CWE-287 Improper Authentication
Type: CWE
CWE ID: CWE-287
Description: CWE-287 Improper Authentication
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Marc Montpas (Jetpack Scan)
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://wpscan.com/vulnerability/6de4a7de-6b71-4349-8e52-04c89c5e6d6c
x_refsource_MISC
https://jetpack.com/2021/12/14/severe-vulnerabilities-fixed-in-all-in-one-seo-plugin-version-4-1-5-3/
x_refsource_MISC
https://plugins.trac.wordpress.org/changeset/2640944/all-in-one-seo-pack/trunk/app/Common/Api/Api.php
x_refsource_CONFIRM
Hyperlink: https://wpscan.com/vulnerability/6de4a7de-6b71-4349-8e52-04c89c5e6d6c
Resource:
x_refsource_MISC
Hyperlink: https://jetpack.com/2021/12/14/severe-vulnerabilities-fixed-in-all-in-one-seo-plugin-version-4-1-5-3/
Resource:
x_refsource_MISC
Hyperlink: https://plugins.trac.wordpress.org/changeset/2640944/all-in-one-seo-pack/trunk/app/Common/Api/Api.php
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://wpscan.com/vulnerability/6de4a7de-6b71-4349-8e52-04c89c5e6d6c
x_refsource_MISC
x_transferred
https://jetpack.com/2021/12/14/severe-vulnerabilities-fixed-in-all-in-one-seo-plugin-version-4-1-5-3/
x_refsource_MISC
x_transferred
https://plugins.trac.wordpress.org/changeset/2640944/all-in-one-seo-pack/trunk/app/Common/Api/Api.php
x_refsource_CONFIRM
x_transferred
Hyperlink: https://wpscan.com/vulnerability/6de4a7de-6b71-4349-8e52-04c89c5e6d6c
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://jetpack.com/2021/12/14/severe-vulnerabilities-fixed-in-all-in-one-seo-plugin-version-4-1-5-3/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://plugins.trac.wordpress.org/changeset/2640944/all-in-one-seo-pack/trunk/app/Common/Api/Api.php
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:contact@wpscan.com
Published At:17 Jan, 2022 | 13:15
Updated At:07 Nov, 2023 | 03:31

The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue, which was discovered during an internal audit by the Jetpack Scan team, and may grant bad actors access to protected REST API endpoints they shouldn’t have access to. This could ultimately enable users with low-privileged accounts, like subscribers, to perform remote code execution on affected sites.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.06.5MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 6.5
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P
CPE Matches

Semper Plugins, LLC (AIOSEO)
aioseo
>>all_in_one_seo>>Versions before 4.1.5.3(exclusive)
cpe:2.3:a:aioseo:all_in_one_seo:*:*:*:*:*:wordpress:*:*
Weaknesses
CWE IDTypeSource
CWE-178Primarynvd@nist.gov
CWE-287Secondarycontact@wpscan.com
CWE ID: CWE-178
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-287
Type: Secondary
Source: contact@wpscan.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://jetpack.com/2021/12/14/severe-vulnerabilities-fixed-in-all-in-one-seo-plugin-version-4-1-5-3/contact@wpscan.com
Exploit
Third Party Advisory
https://plugins.trac.wordpress.org/changeset/2640944/all-in-one-seo-pack/trunk/app/Common/Api/Api.phpcontact@wpscan.com
Patch
Vendor Advisory
https://wpscan.com/vulnerability/6de4a7de-6b71-4349-8e52-04c89c5e6d6ccontact@wpscan.com
Exploit
Third Party Advisory
Hyperlink: https://jetpack.com/2021/12/14/severe-vulnerabilities-fixed-in-all-in-one-seo-plugin-version-4-1-5-3/
Source: contact@wpscan.com
Resource:
Exploit
Third Party Advisory
Hyperlink: https://plugins.trac.wordpress.org/changeset/2640944/all-in-one-seo-pack/trunk/app/Common/Api/Api.php
Source: contact@wpscan.com
Resource:
Patch
Vendor Advisory
Hyperlink: https://wpscan.com/vulnerability/6de4a7de-6b71-4349-8e52-04c89c5e6d6c
Source: contact@wpscan.com
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

209Records found

CVE-2021-24307
Matching Score-8
Assigner-WPScan
ShareView Details
Matching Score-8
Assigner-WPScan
CVSS Score-8.8||HIGH
EPSS-53.27% / 98.87%
||
7 Day CHG~0.00%
Published-24 May, 2021 | 10:58
Updated-03 Aug, 2024 | 19:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
All in One SEO Pack < 4.1.0.2 - Admin RCE via unserialize

The All in One SEO – Best WordPress SEO Plugin – Easily Improve Your SEO Rankings before 4.1.0.2 enables authenticated users with "aioseo_tools_settings" privilege (most of the time admin) to execute arbitrary code on the underlying host. Users can restore plugin's configuration by uploading a backup .ini file in the section "Tool > Import/Export". However, the plugin attempts to unserialize values of the .ini file. Moreover, the plugin embeds Monolog library which can be used to craft a gadget chain and thus trigger system command execution.

Action-Not Available
Vendor-Semper Plugins, LLC (AIOSEO)
Product-all_in_one_seoAll in One SEO – Best WordPress SEO Plugin – Easily Improve Your SEO Rankings
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2020-15149
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.9||CRITICAL
EPSS-2.43% / 82.44%
||
7 Day CHG~0.00%
Published-19 Aug, 2020 | 17:50
Updated-04 Aug, 2024 | 13:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Account takeover in NodeBB

NodeBB before version 1.14.3 has a bug introduced in version 1.12.2 in the validation logic that makes it possible to change the password of any user on a running NodeBB forum by sending a specially crafted socket.io call to the server. This could lead to a privilege escalation event due via an account takeover. As a workaround you may cherry-pick the following commit from the project's repository to your running instance of NodeBB: 16cee1b03ba3eee177834a1fdac4aa8a12b39d2a. This is fixed in version 1.14.3.

Action-Not Available
Vendor-nodebbNodeBB
Product-nodebbNodeBB
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-287
Improper Authentication
CVE-2020-13365
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.97% / 58.03%
||
7 Day CHG~0.00%
Published-06 Aug, 2020 | 16:56
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-nas542nas540nas326_firmwarenas540_firmwarenas520nas542_firmwarenas326nas520_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2020-13290
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-7.5||HIGH
EPSS-1.11% / 62.31%
||
7 Day CHG~0.00%
Published-12 Aug, 2020 | 14:24
Updated-04 Aug, 2024 | 12:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page

Action-Not Available
Vendor-GitLab Inc.
Product-gitlabGitLab
CWE ID-CWE-287
Improper Authentication
CVE-2025-54918
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-18.71% / 96.95%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 17:01
Updated-20 Feb, 2026 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows NTLM Elevation of Privilege Vulnerability

Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_server_2022windows_11_22h2windows_11_24h2windows_10_22h2windows_10_1607windows_10_21h2windows_11_23h2windows_server_2008windows_server_2012windows_server_2016windows_server_2019windows_server_2025windows_server_2022_23h2windows_10_1809Windows Server 2025Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-287
Improper Authentication
CVE-2025-53778
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-38.18% / 98.40%
||
7 Day CHG+2.10%
Published-12 Aug, 2025 | 17:10
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows NTLM Elevation of Privilege Vulnerability

Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_11_22h2windows_server_2012windows_server_2008windows_10_21h2windows_11_23h2windows_11_24h2windows_server_2022windows_10_1607windows_10_22h2windows_server_2022_23h2windows_10_1809windows_server_2025windows_server_2019windows_server_2016Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2012Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2016Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows Server 2019Windows 10 Version 1607Windows Server 2022Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809
CWE ID-CWE-287
Improper Authentication
CVE-2023-33563
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.56% / 43.11%
||
7 Day CHG~0.00%
Published-01 Aug, 2023 | 00:00
Updated-21 Oct, 2024 | 13:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In PHP Jabbers Time Slots Booking Calendar 3.3 , lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts.

Action-Not Available
Vendor-n/aPHPJabbers Ltd.
Product-time_slots_booking_calendarn/a
CWE ID-CWE-287
Improper Authentication
CVE-2023-33237
Matching Score-4
Assigner-Moxa Inc.
ShareView Details
Matching Score-4
Assigner-Moxa Inc.
CVSS Score-8.8||HIGH
EPSS-0.52% / 40.75%
||
7 Day CHG~0.00%
Published-17 Aug, 2023 | 01:50
Updated-28 Oct, 2024 | 06:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authentication Bypass Without Administrator Privilege

TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication vulnerability. This vulnerability arises from inadequate authentication measures implemented in the web API handler, allowing low-privileged APIs to execute restricted actions that only high-privileged APIs are allowed This presents a potential risk of unauthorized exploitation by malicious actors.

Action-Not Available
Vendor-Moxa Inc.
Product-tn-5900_firmwaretn-5900TN-5900 Seriestn-5900
CWE ID-CWE-863
Incorrect Authorization
CWE ID-CWE-287
Improper Authentication
CVE-2023-32523
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-8.8||HIGH
EPSS-2.57% / 83.44%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 21:53
Updated-05 Dec, 2024 | 15:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32524.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-mobile_securityTrend Micro Moibile Security for Enterprise
CWE ID-CWE-287
Improper Authentication
CVE-2023-32524
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-8.8||HIGH
EPSS-2.57% / 83.44%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 21:53
Updated-05 Dec, 2024 | 15:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32523.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-mobile_securityTrend Micro Moibile Security for Enterprise
CWE ID-CWE-287
Improper Authentication
CVE-2023-31127
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.94% / 57.07%
||
7 Day CHG~0.00%
Published-08 May, 2023 | 20:05
Updated-28 Jan, 2025 | 20:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DMTF-2023-0001: SPDM mutual authentication bypass

libspdm is a sample implementation that follows the DMTF SPDM specifications. A vulnerability has been identified in SPDM session establishment in libspdm prior to version 2.3.1. If a device supports both DHE session and PSK session with mutual authentication, the attacker may be able to establish the session with `KEY_EXCHANGE` and `PSK_FINISH` to bypass the mutual authentication. This is most likely to happen when the Requester begins a session using one method (DHE, for example) and then uses the other method's finish (PSK_FINISH in this example) to establish the session. The session hashes would be expected to fail in this case, but the condition was not detected. This issue only impacts the SPDM responder, which supports `KEY_EX_CAP=1 and `PSK_CAP=10b` at same time with mutual authentication requirement. The SPDM requester is not impacted. The SPDM responder is not impacted if `KEY_EX_CAP=0` or `PSK_CAP=0` or `PSK_CAP=01b`. The SPDM responder is not impacted if mutual authentication is not required. libspdm 1.0, 2.0, 2.1, 2.2, 2.3 are all impacted. Older branches are not maintained, but users of the 2.3 branch may receive a patch in version 2.3.2. The SPDM specification (DSP0274) does not contain this vulnerability.

Action-Not Available
Vendor-dmtfDMTF
Product-libspdmlibspdm
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-372
Incomplete Internal State Distinction
CVE-2019-7666
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-14.82% / 96.31%
||
7 Day CHG~0.00%
Published-01 Jul, 2019 | 18:27
Updated-04 Aug, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Prima Systems FlexAir, Versions 2.3.38 and prior. The application allows improper authentication using the MD5 hash value of the password, which may allow an attacker with access to the database to login as admin without decrypting the password.

Action-Not Available
Vendor-primasystemsn/a
Product-flexairn/a
CWE ID-CWE-287
Improper Authentication
CVE-2023-31152
Matching Score-4
Assigner-Schweitzer Engineering Laboratories, Inc.
ShareView Details
Matching Score-4
Assigner-Schweitzer Engineering Laboratories, Inc.
CVSS Score-4||MEDIUM
EPSS-0.36% / 27.84%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 19:21
Updated-24 Jan, 2025 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authentication Bypass Using an Alternate Path or Channel

An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface allows Authentication Bypass. See SEL Service Bulletin dated 2022-11-15 for more details.

Action-Not Available
Vendor-Schweitzer Engineering Laboratories, Inc. (SEL)
Product-sel-3505_firmwaresel-3505-3_firmwaresel-3560e_firmwaresel-2241_rtac_modulesel-3530_firmwaresel-2241_rtac_module_firmwaresel-3555sel-3560s_firmwaresel-3555_firmwaresel-3505-3sel-3532_firmwaresel-3560esel-3505sel-3350sel-3530-4sel-3530-4_firmwaresel-3560ssel-3350_firmwaresel-3532sel-3530SEL-3560ESEL-3350SEL-3505SEL-3532SEL-3505-3SEL-2241 RTAC moduleSEL-3530SEL-3555SEL-3560SSEL-3530-4
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-287
Improper Authentication
CVE-2019-5473
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-7.2||HIGH
EPSS-1.70% / 74.64%
||
7 Day CHG~0.00%
Published-09 Sep, 2019 | 17:49
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication issue was discovered in GitLab that allowed a bypass of email verification. This was addressed in GitLab 12.1.2 and 12.0.4.

Action-Not Available
Vendor-n/aGitLab Inc.
Product-gitlabgitlab.com
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-287
Improper Authentication
CVE-2019-5486
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-8.8||HIGH
EPSS-1.51% / 71.61%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 20:58
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A authentication bypass vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed domain restrictions and email verification requirements.

Action-Not Available
Vendor-n/aGitLab Inc.
Product-gitlabGitLab CE/EE
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-287
Improper Authentication
CVE-2019-6289
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.93% / 77.72%
||
7 Day CHG~0.00%
Published-15 Jan, 2019 | 06:00
Updated-04 Aug, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading with a safe file extension and then renaming with a mixed-case variation of the .php extension, as demonstrated by the 1.pHP filename.

Action-Not Available
Vendor-n/aDedeCMS
Product-dedecmsn/a
CWE ID-CWE-706
Use of Incorrectly-Resolved Name or Reference
CWE ID-CWE-178
Improper Handling of Case Sensitivity
CVE-2019-5890
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.83% / 76.45%
||
7 Day CHG~0.00%
Published-01 Apr, 2019 | 15:19
Updated-04 Aug, 2024 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in OverIT Geocall 6.3 before build 2:346977. Weak authentication and session management allows an authenticated user to obtain access to the Administrative control panel and execute administrative functions.

Action-Not Available
Vendor-overitn/a
Product-geocalln/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-5165
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8||HIGH
EPSS-2.23% / 80.80%
||
7 Day CHG~0.00%
Published-25 Feb, 2020 | 15:49
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability.

Action-Not Available
Vendor-n/aMoxa Inc.
Product-awk-3131aawk-3131a_firmwareMoxa
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-287
Improper Authentication
CVE-2023-23612
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.80% / 52.36%
||
7 Day CHG~0.00%
Published-24 Jan, 2023 | 20:36
Updated-10 Mar, 2025 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Issue with whitespace in JWT roles in OpenSearch

OpenSearch is an open source distributed and RESTful search engine. OpenSearch uses JWTs to store role claims obtained from the Identity Provider (IdP) when the authentication backend is SAML or OpenID Connect. There is an issue in how those claims are processed from the JWTs where the leading and trailing whitespace is trimmed, allowing users to potentially claim roles they are not assigned to if any role matches the whitespace-stripped version of the roles they are a member of. This issue is only present for authenticated users, and it requires either the existence of roles that match, not considering leading/trailing whitespace, or the ability for users to create said matching roles. In addition, the Identity Provider must allow leading and trailing spaces in role names. OpenSearch 1.0.0-1.3.7 and 2.0.0-2.4.1 are affected. Users are advised to upgrade to OpenSearch 1.3.8 or 2.5.0. There are no known workarounds for this issue.

Action-Not Available
Vendor-amazonopensearch-project
Product-opensearchsecurity
CWE ID-CWE-287
Improper Authentication
CVE-2023-22650
Matching Score-4
Assigner-SUSE
ShareView Details
Matching Score-4
Assigner-SUSE
CVSS Score-8.7||HIGH
EPSS-0.58% / 44.08%
||
7 Day CHG~0.00%
Published-16 Oct, 2024 | 08:20
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider

A vulnerability has been identified in which Rancher does not automatically clean up a user which has been deleted from the configured authentication provider (AP). This characteristic also applies to disabled or revoked users, Rancher will not reflect these modifications which may leave the user’s tokens still usable.

Action-Not Available
Vendor-SUSE
Product-rancherrancher
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-8621
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.36% / 28.42%
||
7 Day CHG~0.00%
Published-14 May, 2026 | 18:46
Updated-14 Jul, 2026 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Crabbox < v0.12.0 Authentication Bypass via Header Spoofing

Crabbox prior to v0.12.0 contains an authentication bypass vulnerability that allows non-admin shared-token callers to impersonate other owners or organizations by spoofing identity headers. Attackers can inject malicious X-Crabbox-Owner and X-Crabbox-Org headers in requests authenticated with a shared token to bypass authorization checks and access owner/org-scoped lease operations belonging to victim accounts.

Action-Not Available
Vendor-OpenClaw
Product-crabbox
CWE ID-CWE-287
Improper Authentication
CVE-2023-1477
Matching Score-4
Assigner-HYPR Corp
ShareView Details
Matching Score-4
Assigner-HYPR Corp
CVSS Score-7.2||HIGH
EPSS-0.62% / 45.70%
||
7 Day CHG~0.00%
Published-28 Apr, 2023 | 14:56
Updated-05 Mar, 2025 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Authentication vulnerability in HYPR Keycloak Authenticator Extension allows Authentication Abuse.This issue affects HYPR Keycloak Authenticator Extension: before 7.10.2, before 8.0.3.

Action-Not Available
Vendor-hyprHYPR
Product-keycloak_authenticatorKeycloak Authenticator Extension
CWE ID-CWE-287
Improper Authentication
CVE-2019-15299
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.63% / 73.61%
||
7 Day CHG~0.00%
Published-24 Feb, 2020 | 12:55
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Centreon Web through 19.04.3. When a user changes his password on his profile page, the contact_autologin_key field in the database becomes blank when it should be NULL. This makes it possible to partially bypass authentication.

Action-Not Available
Vendor-n/aCENTREON
Product-centreon_webn/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-14705
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.55% / 72.32%
||
7 Day CHG~0.00%
Published-06 Aug, 2019 | 22:24
Updated-05 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin.

Action-Not Available
Vendor-microdigitaln/a
Product-mdc-n4090mdc-n4090w_firmwaremdc-n2190v_firmwaremdc-n2190vmdc-n4090wmdc-n4090_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-32693
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.39% / 69.21%
||
7 Day CHG~0.00%
Published-17 Jun, 2021 | 22:40
Updated-03 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authentication granted with multiple firewalls

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the firewalls was available for all other firewalls. This could be abused when the application defines different providers for each part of the application, in such a situation, a user authenticated on a part of the application could be considered authenticated on the rest of the application. Starting in version 5.3.2, a patch ensures that the authenticated token is only available for the firewall that generates it.

Action-Not Available
Vendor-sensiolabssymfony
Product-symfonysymfony
CWE ID-CWE-287
Improper Authentication
CVE-2017-9383
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.9||CRITICAL
EPSS-2.51% / 82.99%
||
7 Day CHG~0.00%
Published-17 Jun, 2019 | 19:41
Updated-05 Aug, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/port_3480". It seems that the UPnP services provide "wget" as one of the service actions for a normal user to connect the device to an external website. It retrieves the parameter "URL" from the query string and then passes it to an internal function that uses the curl module on the device to retrieve the contents of the website.

Action-Not Available
Vendor-getveran/a
Product-veraliteveraedge_firmwareveraedgeveralite_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2022-46411
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.57% / 43.29%
||
7 Day CHG~0.00%
Published-04 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. A default password is persisted after installation and may be discovered and used to escalate privileges.

Action-Not Available
Vendor-n/aVeritas Technologies LLC
Product-access_appliancenetbackup_flex_scale_appliancen/a
CWE ID-CWE-287
Improper Authentication
CVE-2022-46146
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.2||MEDIUM
EPSS-1.16% / 63.50%
||
7 Day CHG-0.01%
Published-29 Nov, 2022 | 00:00
Updated-03 Aug, 2024 | 14:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Prometheus Exporter Toolkit vulnerable to basic authentication bypass

Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a Prometheus web.yml file and users' bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix for the issue. There is no workaround, but attacker must have access to the hashed password to use this functionality.

Action-Not Available
Vendor-prometheusprometheus
Product-exporter_toolkitexporter-toolkit
CWE ID-CWE-303
Incorrect Implementation of Authentication Algorithm
CWE ID-CWE-287
Improper Authentication
CVE-2019-13526
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.8||HIGH
EPSS-2.37% / 81.91%
||
7 Day CHG~0.00%
Published-29 Aug, 2019 | 22:48
Updated-04 Aug, 2024 | 23:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Datalogic AV7000 Linear barcode scanner all versions prior to 4.6.0.0 is vulnerable to authentication bypass, which may allow an attacker to remotely execute arbitrary code.

Action-Not Available
Vendor-datalogicn/a
Product-av7000av7000_firmwareDatalogic AV7000 Linear barcode scanner
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-287
Improper Authentication
CVE-2019-13423
Matching Score-4
Assigner-floragunn GmbH
ShareView Details
Matching Score-4
Assigner-floragunn GmbH
CVSS Score-8.8||HIGH
EPSS-0.68% / 48.18%
||
7 Day CHG~0.00%
Published-23 Aug, 2019 | 13:30
Updated-04 Aug, 2024 | 23:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a) Kibana is configured to use Single-Sign-On as authentication method, one of Kerberos, JWT, Proxy, Client certificate. b) The kibanaserver user is configured to use HTTP Basic as the authentication method. c) Search Guard is configured to use an SSO authentication domain and HTTP Basic at the same time

Action-Not Available
Vendor-search-guardfloragunn
Product-search_guardSearch Guard Kibana Plugin
CWE ID-CWE-287
Improper Authentication
CVE-2017-9314
Matching Score-4
Assigner-Dahua Technologies
ShareView Details
Matching Score-4
Assigner-Dahua Technologies
CVSS Score-8.8||HIGH
EPSS-0.93% / 56.77%
||
7 Day CHG~0.00%
Published-13 Nov, 2017 | 16:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102. Attacker could exploit this vulnerability to gain access to additional operations by means of forging json message.

Action-Not Available
Vendor-Dahua Technology Co., Ltd
Product-nvr5864-4ks2_firmwarenvr5864-4ks2nvr5416-4ks2_firmwarenvr5416-4ks2nvr5832-16p-4ks2_firmwarenvr5232-8p-4ks2_firmwarenvr5816-16p-4ks2nvr5216-8p-4ks2_firmwarenvr5216-4ks2nvr5816-4ks2_firmwarenvr5832-4ks2_firmwarenvr5416-16p-4ks2_firmwarenvr5216-8p-4ks2nvr5216-16p-4ks2nvr5816-16p-4ks2_firmwarenvr5232-16p-4ks2_firmwarenvr5232-4ks2nvr5224-24p-4ks2nvr5464-16p-4ks2nvr5432-16p-4ks2nvr5208-8p-4ks2nvr5232-4ks2_firmwarenvr5208-4ks2nvr5432-4ks2_firmwarenvr5216-4ks2_firmwarenvr5424-24p-4ks2nvr5432-16p-4ks2_firmwarenvr5816-4ks2nvr5464-4ks2_firmwarenvr5864-16p-4ks2nvr5432-4ks2nvr5464-4ks2nvr5208-4ks2_firmwarenvr5832-4ks2nvr5464-16p-4ks2_firmwarenvr5224-24p-4ks2_firmwarenvr5208-8p-4ks2_firmwarenvr5864-16p-4ks2_firmwarenvr5232-8p-4ks2nvr5424-24p-4ks2_firmwarenvr5232-16p-4ks2nvr5832-16p-4ks2nvr5216-16p-4ks2_firmwarenvr5416-16p-4ks2NVR50XX, VR52XX, VR54XX, VR58XX
CWE ID-CWE-287
Improper Authentication
CVE-2022-44620
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.87% / 54.64%
||
7 Day CHG~0.00%
Published-07 Dec, 2022 | 00:00
Updated-23 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.

Action-Not Available
Vendor-unimoUNIMO Technology Co., Ltd
Product-udr-ja1616udr-ja1604udr-ja1608_firmwareudr-ja1604_firmwareudr-ja1616_firmwareudr-ja1608UDR-JA1604/UDR-JA1608/UDR-JA1616
CWE ID-CWE-287
Improper Authentication
CVE-2015-8269
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-7.5||HIGH
EPSS-2.29% / 81.27%
||
7 Day CHG~0.00%
Published-04 Feb, 2016 | 11:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The API on Fisher-Price Smart Toy Bear devices allows remote attackers to obtain sensitive information or modify data by leveraging presence in an 802.11 network's coverage area and entering an account number.

Action-Not Available
Vendor-fisher-pricen/a
Product-smart_toy_bearn/a
CWE ID-CWE-287
Improper Authentication
CVE-2023-4816
Matching Score-4
Assigner-Hitachi Energy
ShareView Details
Matching Score-4
Assigner-Hitachi Energy
CVSS Score-6.9||MEDIUM
EPSS-0.52% / 40.83%
||
7 Day CHG~0.00%
Published-11 Sep, 2023 | 07:40
Updated-25 Sep, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability exists in the Equipment Tag Out authentication, when configured with Single Sign-On (SSO) with password validation in T214. This vulnerability can be exploited by an authenticated user per-forming an Equipment Tag Out holder action (Accept, Release, and Clear) for another user and entering an arbitrary password in the holder action confirmation dialog box. Despite entering an arbitrary password in the confirmation box, the system will execute the selected holder action.

Action-Not Available
Vendor-Hitachi Energy Ltd.
Product-asset_suiteAsset Suite 9
CWE ID-CWE-287
Improper Authentication
CVE-2022-4441
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.6||HIGH
EPSS-0.62% / 45.61%
||
7 Day CHG~0.00%
Published-31 Jan, 2023 | 01:42
Updated-26 Mar, 2025 | 20:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation Vulnerability in Hitachi Storage Plug-in for VMware vCenter

Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.9.0 before 04.9.1.

Action-Not Available
Vendor-Hitachi, Ltd.
Product-storage_plug-inHitachi Storage Plug-in for VMware vCenter
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-44610
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.55% / 42.40%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-data_center_managerIntel(R) DCM software
CWE ID-CWE-287
Improper Authentication
CVE-2017-8194
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-8.8||HIGH
EPSS-1.21% / 64.97%
||
7 Day CHG~0.00%
Published-22 Nov, 2017 | 19:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-fusionsphere_openstackFusionSphere OpenStack
CWE ID-CWE-287
Improper Authentication
CVE-2017-8195
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-8.8||HIGH
EPSS-1.17% / 63.99%
||
7 Day CHG~0.00%
Published-22 Nov, 2017 | 19:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper authentication vulnerability. Due to improper authentication on one port, an authenticated, remote attacker may exploit the vulnerability to execute more operations by send a crafted rest message.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-fusionsphere_openstackFusionSphere OpenStack
CWE ID-CWE-287
Improper Authentication
CVE-2021-28494
Matching Score-4
Assigner-Arista Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Arista Networks, Inc.
CVSS Score-9.6||CRITICAL
EPSS-0.88% / 54.93%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 12:46
Updated-03 Aug, 2024 | 21:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, authentication is bypassed by unprivileged users who are accessing the Web UI. This issue affects: Arista Metamako Operating System MOS-0.34.0 and prior releases

Action-Not Available
Vendor-Arista Networks, Inc.
Product-metamako_operating_system7130Metamako Operating System
CWE ID-CWE-287
Improper Authentication
CVE-2025-26438
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.8||HIGH
EPSS-0.32% / 23.56%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 17:11
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In smp_process_secure_connection_oob_data of smp_act.cc, there is a possible way to bypass SMP authentication due to Incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-287
Improper Authentication
CVE-2021-26077
Matching Score-4
Assigner-Atlassian
ShareView Details
Matching Score-4
Assigner-Atlassian
CVSS Score-9.1||CRITICAL
EPSS-0.95% / 57.34%
||
7 Day CHG~0.00%
Published-09 May, 2021 | 23:55
Updated-12 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app.

Action-Not Available
Vendor-Atlassian
Product-connect_spring_bootAtlassian Connect Spring Boot (ACSB)
CWE ID-CWE-287
Improper Authentication
CVE-2026-5557
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.36% / 28.23%
||
7 Day CHG~0.00%
Published-05 Apr, 2026 | 09:45
Updated-24 Apr, 2026 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
badlogic pi-mono pi-mom Slack Bot slack.ts authentication bypass

A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-badlogic
Product-pi-mono
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2018-7943
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-8.8||HIGH
EPSS-1.23% / 65.51%
||
7 Day CHG~0.00%
Published-05 Jun, 2018 | 15:00
Updated-17 Sep, 2024 | 02:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ch242_v5_firmwarech242_v52288h_v5ch121l_v5_firmwarerh1288_v3xh620_v31288h_v5ch121l_v3_firmwarech121_v52488_v5ch140l_v3_firmwarech121_v3ch222_v3ch121l_v3ch222_v3_firmwarexh310_v3_firmwarech140_v3_firmwarech140_v3xh321_v5_firmwarexh321_v5ch220_v3_firmwarech140l_v3rh2288_v3_firmwarexh321_v3_firmware1288h_v5_firmwarerh2288h_v3_firmwarexh620_v3_firmwarech121_v3_firmwarerh1288_v3_firmwarech121l_v5rh2288h_v32288h_v5_firmwarexh310_v3rh2288_v32488_v5_firmwarexh321_v3ch121_v5_firmwarech220_v3ch242_v3ch242_v3_firmware1288H V5; 2288H V5; 2488 V5 ; CH121 V3; CH121L V3; CH121L V5 ; CH121 V5 ; CH140 V3; CH140L V3; CH220 V3; CH222 V3; CH242 V3; CH242 V5 ; RH1288 V3; RH2288 V3; RH2288H V3; XH310 V3; XH321 V3; XH321 V5; XH620 V3
CWE ID-CWE-287
Improper Authentication
CVE-2026-49194
Matching Score-4
Assigner-8fc372e3-d9c5-46e4-9410-38469745c639
ShareView Details
Matching Score-4
Assigner-8fc372e3-d9c5-46e4-9410-38469745c639
CVSS Score-9.4||CRITICAL
EPSS-0.23% / 14.02%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 06:21
Updated-04 Jun, 2026 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SCREEN_CLICK Authentication Bypass

The debugging routine SCREEN_CLICK(5053) enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface.

Action-Not Available
Vendor-Acer Inc.
Product-connect_m6e_5g_firmwareconnect_m6e_5gConnect M6E 5G Portable WiFi Router
CWE ID-CWE-287
Improper Authentication
CVE-2026-49443
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.30% / 21.79%
||
7 Day CHG~0.00%
Published-02 Jun, 2026 | 20:31
Updated-04 Jun, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
authentik: `UserSourceConnection.user` and `GroupSourceConnection.group` are changeable through the API

authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, an attacker with the ability to change a source connection, and an account in one of the configured sources can log into any account. This issue has been patched in versions 2025.12.6, 2026.2.4, and 2026.5.1.

Action-Not Available
Vendor-goauthentikgoauthentik
Product-authentikauthentik
CWE ID-CWE-287
Improper Authentication
CVE-2026-46937
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-8.8||HIGH
EPSS-0.40% / 32.55%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-18 Jun, 2026 | 21:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle iSetup product of Oracle E-Business Suite (component: General Ledger Update Transform, Reports). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iSetup. Successful attacks of this vulnerability can result in takeover of Oracle iSetup. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-isetupOracle iSetup
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46962
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-8.8||HIGH
EPSS-0.40% / 32.54%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:28
Updated-18 Jun, 2026 | 22:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Project Portfolio Analysis. Successful attacks of this vulnerability can result in takeover of Oracle Project Portfolio Analysis. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-project_portfolio_analysisOracle Project Portfolio Analysis
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46951
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-8.8||HIGH
EPSS-0.40% / 32.55%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:28
Updated-18 Jun, 2026 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Quality product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Quality. Successful attacks of this vulnerability can result in takeover of Oracle Quality. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-qualityOracle Quality
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46940
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-8.8||HIGH
EPSS-0.40% / 32.55%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:27
Updated-18 Jun, 2026 | 21:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Cost Management. Successful attacks of this vulnerability can result in takeover of Oracle Cost Management. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-cost_managementOracle Cost Management
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-46973
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-8.8||HIGH
EPSS-0.40% / 32.55%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 19:28
Updated-18 Jun, 2026 | 21:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Outsourced Mfg for Discrete Industries. Successful attacks of this vulnerability can result in takeover of Oracle Outsourced Mfg for Discrete Industries. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-outsourced_manufacturing_for_discrete_industriesOracle Outsourced Mfg for Discrete Industries
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found