Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-41126

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-06 Oct, 2021 | 17:25
Updated At-04 Aug, 2024 | 02:59
Rejected At-
Credits

Deleted Admin Can Sign In to Admin Interface

October is a Content Management System (CMS) and web platform built on the the Laravel PHP Framework. In affected versions administrator accounts which had previously been deleted may still be able to sign in to the backend using October CMS v2.0. The issue has been patched in v2.1.12 of the october/october package. There are no workarounds for this issue and all users should update.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:06 Oct, 2021 | 17:25
Updated At:04 Aug, 2024 | 02:59
Rejected At:
▼CVE Numbering Authority (CNA)
Deleted Admin Can Sign In to Admin Interface

October is a Content Management System (CMS) and web platform built on the the Laravel PHP Framework. In affected versions administrator accounts which had previously been deleted may still be able to sign in to the backend using October CMS v2.0. The issue has been patched in v2.1.12 of the october/october package. There are no workarounds for this issue and all users should update.

Affected Products
Vendor
octobercms
Product
october
Versions
Affected
  • >= 2.0.0, < 2.1.12
Problem Types
TypeCWE IDDescription
CWECWE-287CWE-287: Improper Authentication
Type: CWE
CWE ID: CWE-287
Description: CWE-287: Improper Authentication
Metrics
VersionBase scoreBase severityVector
3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/octobercms/october/security/advisories/GHSA-6gjf-7w99-j7x7
x_refsource_CONFIRM
https://octobercms.com/changelog
x_refsource_MISC
Hyperlink: https://github.com/octobercms/october/security/advisories/GHSA-6gjf-7w99-j7x7
Resource:
x_refsource_CONFIRM
Hyperlink: https://octobercms.com/changelog
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/octobercms/october/security/advisories/GHSA-6gjf-7w99-j7x7
x_refsource_CONFIRM
x_transferred
https://octobercms.com/changelog
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/octobercms/october/security/advisories/GHSA-6gjf-7w99-j7x7
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://octobercms.com/changelog
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:06 Oct, 2021 | 18:15
Updated At:14 Oct, 2021 | 16:43

October is a Content Management System (CMS) and web platform built on the the Laravel PHP Framework. In affected versions administrator accounts which had previously been deleted may still be able to sign in to the backend using October CMS v2.0. The issue has been patched in v2.1.12 of the october/october package. There are no workarounds for this issue and all users should update.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary2.06.5MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 6.5
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P
CPE Matches

octobercms
octobercms
>>october>>Versions from 2.0.0(inclusive) to 2.1.12(exclusive)
cpe:2.3:a:octobercms:october:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Primarysecurity-advisories@github.com
CWE ID: CWE-287
Type: Primary
Source: security-advisories@github.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/octobercms/october/security/advisories/GHSA-6gjf-7w99-j7x7security-advisories@github.com
Third Party Advisory
https://octobercms.com/changelogsecurity-advisories@github.com
Release Notes
Vendor Advisory
Hyperlink: https://github.com/octobercms/october/security/advisories/GHSA-6gjf-7w99-j7x7
Source: security-advisories@github.com
Resource:
Third Party Advisory
Hyperlink: https://octobercms.com/changelog
Source: security-advisories@github.com
Resource:
Release Notes
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

122Records found

CVE-2022-35944
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.86% / 54.19%
||
7 Day CHG~0.00%
Published-13 Oct, 2022 | 00:00
Updated-23 Apr, 2025 | 16:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
October CMS Safe Mode bypass leads to authenticated RCE (Remote Code Execution)

October is a self-hosted Content Management System (CMS) platform based on the Laravel PHP Framework. This vulnerability only affects installations that rely on the safe mode restriction, commonly used when providing public access to the admin panel. Assuming an attacker has access to the admin panel and permission to open the "Editor" section, they can bypass the Safe Mode (`cms.safe_mode`) restriction to introduce new PHP code in a CMS template using a specially crafted request. The issue has been patched in versions 2.2.34 and 3.0.66.

Action-Not Available
Vendor-octobercmsoctobercms
Product-octoberoctober
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2022-21705
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.2||HIGH
EPSS-8.68% / 94.48%
||
7 Day CHG~0.00%
Published-23 Feb, 2022 | 19:00
Updated-23 Apr, 2025 | 19:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated remote code execution in octobercms

Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. In affected versions user input was not properly sanitized before rendering. An authenticated user with the permissions to create, modify and delete website pages can exploit this vulnerability to bypass `cms.safe_mode` / `cms.enableSafeMode` in order to execute arbitrary code. This issue only affects admin panels that rely on safe mode and restricted permissions. To exploit this vulnerability, an attacker must first have access to the backend area. The issue has been patched in Build 474 (v1.0.474) and v1.1.10. Users unable to upgrade should apply https://github.com/octobercms/library/commit/c393c5ce9ca2c5acc3ed6c9bb0dab5ffd61965fe to your installation manually.

Action-Not Available
Vendor-octobercmsoctobercms
Product-octoberoctober
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2017-1000119
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-61.35% / 99.05%
||
7 Day CHG~0.00%
Published-04 Oct, 2017 | 01:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

October CMS build 412 is vulnerable to PHP code execution in the file upload functionality resulting in site compromise and possibly other applications on the server.

Action-Not Available
Vendor-octobercmsn/a
Product-octobern/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-32649
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-1.34% / 67.78%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 15:05
Updated-23 Apr, 2025 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated file write leads to remote code execution in october/system

October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in the template markup. The issue has been patched in Build 473 (v1.0.473) and v1.1.6. Those unable to upgrade may apply the patch to their installation manually as a workaround.

Action-Not Available
Vendor-octobercmsoctobercms
Product-octoberoctober
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2021-32650
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-2.09% / 79.30%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 15:05
Updated-22 Apr, 2025 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary code execution in october/system

October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with access to the backend is able to execute PHP code by using the theme import feature. This will bypass the safe mode feature that prevents PHP execution in the CMS templates.The issue has been patched in Build 473 (v1.0.473) and v1.1.6. Those unable to upgrade may apply the patch to their installation manually as a workaround.

Action-Not Available
Vendor-octobercmsoctobercms
Product-octoberoctober
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2017-16941
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.56% / 72.20%
||
7 Day CHG~0.00%
Published-25 Nov, 2017 | 05:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

October CMS through 1.0.428 does not prevent use of .htaccess in themes, which allows remote authenticated users to execute arbitrary PHP code by downloading a theme ZIP archive from /backend/cms/themes, and then uploading and importing a modified archive with two new files: a .php file and a .htaccess file. NOTE: the vendor says "I don't think [an attacker able to login to the system under an account that has access to manage/upload themes] is a threat model that we need to be considering.

Action-Not Available
Vendor-octobercmsn/a
Product-octobern/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-29487
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-7.4||HIGH
EPSS-0.90% / 55.11%
||
7 Day CHG~0.00%
Published-26 Aug, 2021 | 19:00
Updated-03 Aug, 2024 | 22:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authentication bypass in Octobercms

octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can exploit this vulnerability to bypass authentication and takeover of and user account on an October CMS server. The vulnerability is exploitable by unauthenticated users via a specially crafted request. This only affects frontend users and the attacker must obtain a Laravel secret key for cookie encryption and signing in order to exploit this vulnerability. The issue has been patched in Build 472 and v1.1.5.

Action-Not Available
Vendor-octobercmsoctobercms
Product-octoberoctober
CWE ID-CWE-287
Improper Authentication
CVE-2021-32648
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-8.2||HIGH
EPSS-90.42% / 99.79%
||
7 Day CHG~0.00%
Published-26 Aug, 2021 | 19:00
Updated-24 Oct, 2025 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-02-01||Apply updates per vendor instructions.
Account Takeover in Octobercms

octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5.

Action-Not Available
Vendor-octobercmsoctobercmsOctober CMS
Product-octoberoctoberOctober CMS
CWE ID-CWE-287
Improper Authentication
CVE-2017-2689
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-1.40% / 69.08%
||
7 Day CHG~0.00%
Published-29 Mar, 2017 | 01:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings.

Action-Not Available
Vendor-n/aSiemens AG
Product-ruggedcom_rox_iRUGGEDCOM ROX I All versions
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-287
Improper Authentication
CVE-2025-15135
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.29% / 20.69%
||
7 Day CHG~0.00%
Published-28 Dec, 2025 | 12:02
Updated-29 Dec, 2025 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
joey-zhou xiaozhi-esp32-server-java Cookie AuthenticationInterceptor.java tryAuthenticateWithCookies improper authentication

A weakness has been identified in joey-zhou xiaozhi-esp32-server-java up to 3.0.0. This impacts the function tryAuthenticateWithCookies of the file AuthenticationInterceptor.java of the component Cookie Handler. Executing manipulation can lead to improper authentication. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. Upgrading to version 4.0.0 will fix this issue. It is recommended to upgrade the affected component.

Action-Not Available
Vendor-joey-zhou
Product-xiaozhi-esp32-server-java
CWE ID-CWE-287
Improper Authentication
CVE-2026-5557
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.36% / 27.97%
||
7 Day CHG~0.00%
Published-05 Apr, 2026 | 09:45
Updated-24 Apr, 2026 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
badlogic pi-mono pi-mom Slack Bot slack.ts authentication bypass

A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-badlogic
Product-pi-mono
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2025-14908
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.30% / 22.01%
||
7 Day CHG~0.00%
Published-19 Dec, 2025 | 00:32
Updated-30 Dec, 2025 | 18:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
JeecgBoot Multi-Tenant Management SysTenantController.java improper authentication

A security flaw has been discovered in JeecgBoot up to 3.9.0. The affected element is an unknown function of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java of the component Multi-Tenant Management Module. Performing manipulation of the argument ID results in improper authentication. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. The patch is named e1c8f00bf2a2e0edddbaa8119afe1dc92d9dc1d2/67795493bdc579e489d3ab12e52a1793c4f8a0ee. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-jeecgn/a
Product-jeecg_bootJeecgBoot
CWE ID-CWE-287
Improper Authentication
CVE-2012-3462
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-1.61% / 72.94%
||
7 Day CHG~0.00%
Published-26 Dec, 2019 | 20:14
Updated-06 Aug, 2024 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.

Action-Not Available
Vendor-sssdFedora Project
Product-sssdsssd
CWE ID-CWE-287
Improper Authentication
CVE-2012-2414
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-2.72% / 84.21%
||
7 Day CHG~0.00%
Published-30 Apr, 2012 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to execute arbitrary commands via (1) the originate action in the MixMonitor application, (2) the SHELL and EVAL functions in the GetVar manager action, or (3) the SHELL and EVAL functions in the Status manager action.

Action-Not Available
Vendor-n/aAsterisk
Product-open_sourcen/a
CWE ID-CWE-287
Improper Authentication
CVE-2024-9927
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.2||HIGH
EPSS-0.45% / 36.23%
||
7 Day CHG~0.00%
Published-23 Oct, 2024 | 02:06
Updated-08 Apr, 2026 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WooCommerce Order Proposal <= 2.0.5 - Authenticated (Shop Manager+) Privilege Escalation via Order Proposal

The WooCommerce Order Proposal plugin for WordPress is vulnerable to privilege escalation via order proposal in all versions up to and including 2.0.5. This is due to the improper implementation of allow_payment_without_login function. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to log in to WordPress as an arbitrary user account, including administrators.

Action-Not Available
Vendor-wpovernightWP Overnight BVWordPress.org
Product-woocommerce_order_proposalWooCommerce Order Proposalwoocommerce_order_proposal
CWE ID-CWE-287
Improper Authentication
CVE-2022-32971
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-3.1||LOW
EPSS-0.44% / 35.39%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow a privileged user to potentially enable escalation of privilege via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-system_usage_reportIntel(R) SUR software
CWE ID-CWE-287
Improper Authentication
CVE-2019-8634
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-8.8||HIGH
EPSS-0.99% / 58.09%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 17:33
Updated-04 Aug, 2024 | 21:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5. A user may be unexpectedly logged in to another user’s account.

Action-Not Available
Vendor-Apple Inc.
Product-mac_os_xmacOS
CWE ID-CWE-287
Improper Authentication
CVE-2019-15299
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.63% / 73.37%
||
7 Day CHG~0.00%
Published-24 Feb, 2020 | 12:55
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Centreon Web through 19.04.3. When a user changes his password on his profile page, the contact_autologin_key field in the database becomes blank when it should be NULL. This makes it possible to partially bypass authentication.

Action-Not Available
Vendor-n/aCENTREON
Product-centreon_webn/a
CWE ID-CWE-287
Improper Authentication
CVE-2022-30229
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.71% / 49.09%
||
7 Day CHG+0.01%
Published-14 Jun, 2022 | 09:21
Updated-12 Nov, 2025 | 08:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.6.6). The affected application does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to change data of a user, such as credentials, in case that user's id is known.

Action-Not Available
Vendor-Siemens AG
Product-sicam_gridedge_essentialSICAM GridEdge (Classic)
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-35203
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.96% / 77.93%
||
7 Day CHG~0.00%
Published-23 Aug, 2022 | 12:34
Updated-03 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An access control issue in TrendNet TV-IP572PI v1.0 allows unauthenticated attackers to access sensitive system information.

Action-Not Available
Vendor-n/aTRENDnet, Inc.
Product-tv-ip572pitv-ip572pi_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2022-24857
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.3||HIGH
EPSS-1.10% / 61.64%
||
7 Day CHG+0.03%
Published-15 Apr, 2022 | 18:50
Updated-23 Apr, 2025 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multi factor authentication bypass in django-mfa3

django-mfa3 is a library that implements multi factor authentication for the django web framework. It achieves this by modifying the regular login view. Django however has a second login view for its admin area. This second login view was not modified, so the multi factor authentication can be bypassed. Users are affected if they have activated both django-mfa3 (< 0.5.0) and django.contrib.admin and have not taken any other measures to prevent users from accessing the admin login view. The issue has been fixed in django-mfa3 0.5.0. It is possible to work around the issue by overwriting the admin login route, e.g. by adding the following URL definition *before* the admin routes: url('admin/login/', lambda request: redirect(settings.LOGIN_URL)

Action-Not Available
Vendor-django-mfa3_projectxi
Product-django-mfa3django-mfa3
CWE ID-CWE-287
Improper Authentication
CVE-2022-23652
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-1.38% / 68.70%
||
7 Day CHG~0.00%
Published-22 Feb, 2022 | 19:55
Updated-22 Apr, 2025 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege escalation using hop-by-hop Connection header

capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions prior to 0.2.1 an attacker with a proper authentication mechanism may use a malicious `Connection` header to start a privilege escalation attack towards the Kubernetes API Server. This vulnerability allows for an exploit of the `cluster-admin` Role bound to `capsule-proxy`. There are no known workarounds for this issue.

Action-Not Available
Vendor-clastixclastix
Product-capsule-proxycapsule-proxy
CWE ID-CWE-287
Improper Authentication
CVE-2021-30028
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.30% / 67.02%
||
7 Day CHG~0.00%
Published-20 May, 2022 | 14:54
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SOOTEWAY Wi-Fi Range Extender v1.5 was discovered to use default credentials (the admin password for the admin account) to access the TELNET service, allowing attackers to erase/read/write the firmware remotely.

Action-Not Available
Vendor-sooteway_wi-fi_range_extender_projectn/a
Product-sooteway_wi-fi_range_extendern/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-14705
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.55% / 72.06%
||
7 Day CHG~0.00%
Published-06 Aug, 2019 | 22:24
Updated-05 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin.

Action-Not Available
Vendor-microdigitaln/a
Product-mdc-n4090mdc-n4090w_firmwaremdc-n2190v_firmwaremdc-n2190vmdc-n4090wmdc-n4090_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2009-1826
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-2.09% / 79.29%
||
7 Day CHG~0.00%
Published-29 May, 2009 | 20:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

modules/admuser.php in myGesuad 0.9.14 (aka 0.9) does not require administrative authentication, which allows remote authenticated users to list user accounts via a Find action.

Action-Not Available
Vendor-collectorn/a
Product-mygesuadn/a
CWE ID-CWE-287
Improper Authentication
CVE-2009-0906
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.21% / 64.55%
||
7 Day CHG~0.00%
Published-13 Aug, 2009 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Service Component Architecture (SCA) feature pack for IBM WebSphere Application Server (WAS) SCA 1.0 before 1.0.0.3 allows remote authenticated users to bypass intended authentication.transport access restrictions and obtain unspecified access via unknown vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_application_servern/a
CWE ID-CWE-287
Improper Authentication
CVE-2008-3428
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.16% / 63.24%
||
7 Day CHG~0.00%
Published-31 Jul, 2008 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Session fixation vulnerability in phpFreeChat 1.1 allows remote authenticated users to hijack web sessions by setting the session_id parameter to match the victim's nickid parameter.

Action-Not Available
Vendor-phpfreechatn/a
Product-phpfreechatn/a
CWE ID-CWE-287
Improper Authentication
CVE-2007-5374
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-2.19% / 80.19%
||
7 Day CHG~0.00%
Published-11 Oct, 2007 | 10:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cp_memberedit.php in LightBlog 8.4.1.1 does not check for administrative credentials when processing an admin action, which allows remote authenticated users to increase the privileges of any account.

Action-Not Available
Vendor-lightblogn/a
Product-lightblogn/a
CWE ID-CWE-287
Improper Authentication
CVE-2025-46607
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-6.6||MEDIUM
EPSS-0.37% / 28.81%
||
7 Day CHG~0.00%
Published-17 Apr, 2026 | 11:13
Updated-05 May, 2026 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access.

Action-Not Available
Vendor-Dell Inc.
Product-data_domain_operating_systemPowerProtect Data Domain
CWE ID-CWE-287
Improper Authentication
CVE-2022-1681
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.2||HIGH
EPSS-1.80% / 75.84%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 07:45
Updated-03 Aug, 2024 | 00:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authentication Bypass Using an Alternate Path or Channel in requarks/wiki

Authentication Bypass Using an Alternate Path or Channel in GitHub repository requarks/wiki prior to 2.5.281. User can get root user permissions

Action-Not Available
Vendor-requarksrequarks
Product-wiki.jsrequarks/wiki
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-287
Improper Authentication
CVE-2018-7943
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-8.8||HIGH
EPSS-1.23% / 65.23%
||
7 Day CHG~0.00%
Published-05 Jun, 2018 | 15:00
Updated-17 Sep, 2024 | 02:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ch242_v5_firmwarech242_v52288h_v5ch121l_v5_firmwarerh1288_v3xh620_v31288h_v5ch121l_v3_firmwarech121_v52488_v5ch140l_v3_firmwarech121_v3ch222_v3ch121l_v3ch222_v3_firmwarexh310_v3_firmwarech140_v3_firmwarech140_v3xh321_v5_firmwarexh321_v5ch220_v3_firmwarech140l_v3rh2288_v3_firmwarexh321_v3_firmware1288h_v5_firmwarerh2288h_v3_firmwarexh620_v3_firmwarech121_v3_firmwarerh1288_v3_firmwarech121l_v5rh2288h_v32288h_v5_firmwarexh310_v3rh2288_v32488_v5_firmwarexh321_v3ch121_v5_firmwarech220_v3ch242_v3ch242_v3_firmware1288H V5; 2288H V5; 2488 V5 ; CH121 V3; CH121L V3; CH121L V5 ; CH121 V5 ; CH140 V3; CH140L V3; CH220 V3; CH222 V3; CH242 V3; CH242 V5 ; RH1288 V3; RH2288 V3; RH2288H V3; XH310 V3; XH321 V3; XH321 V5; XH620 V3
CWE ID-CWE-287
Improper Authentication
CVE-2018-7941
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-8.8||HIGH
EPSS-0.77% / 50.97%
||
7 Day CHG~0.00%
Published-10 May, 2018 | 14:00
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei iBMC V200R002C60 have an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause privilege elevation.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ch242_v5_firmwarech242_v52288h_v5ch121l_v5_firmwarerh1288_v3xh620_v31288h_v5ch121l_v3_firmwarech121_v52488_v5ch140l_v3_firmwarech121_v3ch222_v3ch121l_v3ch222_v3_firmwarexh310_v3_firmwarech140_v3_firmwarech140_v3xh321_v5_firmwarexh321_v5ch220_v3_firmwarech140l_v3rh2288_v3_firmwarexh321_v3_firmware1288h_v5_firmwarerh2288h_v3_firmwarexh620_v3_firmwarech121_v3_firmwarerh1288_v3_firmwarech121l_v5rh2288h_v3xh310_v32288h_v5_firmwarerh2288_v32488_v5_firmwarexh321_v3ch121_v5_firmwarech220_v3ch242_v3ch242_v3_firmwareiBMC
CWE ID-CWE-287
Improper Authentication
CVE-2018-6960
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-8.8||HIGH
EPSS-2.57% / 83.27%
||
7 Day CHG~0.00%
Published-20 Apr, 2018 | 13:00
Updated-16 Sep, 2024 | 23:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Horizon DaaS (7.x before 8.0.0) contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS.

Action-Not Available
Vendor-VMware (Broadcom Inc.)
Product-horizon_daasHorizon DaaS
CWE ID-CWE-287
Improper Authentication
CVE-2018-7067
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.2||HIGH
EPSS-1.34% / 67.96%
||
7 Day CHG~0.00%
Published-07 Dec, 2018 | 21:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Authentication bypass in Aruba ClearPass Policy Manager leads to complete cluster compromise. An authentication flaw in all versions of ClearPass could allow an attacker to compromise the entire cluster through a specially crafted API call. Network access to the administrative web interface is required to exploit this vulnerability. Resolution: Fixed in 6.7.6 and 6.6.10-hotfix.

Action-Not Available
Vendor-Aruba NetworksHewlett Packard Enterprise (HPE)
Product-clearpass_policy_managerAruba ClearPass Policy Manager
CWE ID-CWE-287
Improper Authentication
CVE-2023-5844
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-4.3||MEDIUM
EPSS-0.55% / 42.13%
||
7 Day CHG~0.00%
Published-30 Oct, 2023 | 10:08
Updated-28 Nov, 2025 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unverified Password Change in pimcore/admin-ui-classic-bundle

Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0.

Action-Not Available
Vendor-Pimcore
Product-admin_classic_bundlepimcore/admin-ui-classic-bundleadmin_classic_bundle
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-620
Unverified Password Change
CVE-2018-4836
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-1.84% / 76.35%
||
7 Day CHG~0.00%
Published-25 Jan, 2018 | 14:00
Updated-16 Sep, 2024 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in TeleControl Server Basic < V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic's port 8000/tcp could escalate his privileges and perform administrative operations.

Action-Not Available
Vendor-Siemens AG
Product-telecontrol_server_basicTeleControl Server Basic
CWE ID-CWE-287
Improper Authentication
CVE-2026-44058
Matching Score-4
Assigner-Securin
ShareView Details
Matching Score-4
Assigner-Securin
CVSS Score-6.4||MEDIUM
EPSS-0.53% / 40.99%
||
7 Day CHG~0.00%
Published-21 May, 2026 | 07:34
Updated-22 May, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authentication bypass via admin auth user

An authentication bypass vulnerability in Netatalk 2.2.2 through 4.4.2 allows a remote privileged user to authenticate as an arbitrary user via the admin auth user mechanism.

Action-Not Available
Vendor-Netatalk
Product-Netatalk
CWE ID-CWE-287
Improper Authentication
CVE-2018-21263
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.93% / 56.22%
||
7 Day CHG~0.00%
Published-19 Jun, 2020 | 16:45
Updated-05 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. An attacker could authenticate to a different user's account via a crafted SAML response.

Action-Not Available
Vendor-n/aMattermost, Inc.
Product-mattermost_servern/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-45379
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.00% / 58.42%
||
7 Day CHG~0.00%
Published-30 Dec, 2021 | 17:35
Updated-04 Aug, 2024 | 04:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user can attempt to log in as another user without its password.

Action-Not Available
Vendor-glewlwyd_projectn/a
Product-glewlwydn/a
CWE ID-CWE-287
Improper Authentication
CVE-2026-3739
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.32% / 23.72%
||
7 Day CHG~0.00%
Published-08 Mar, 2026 | 14:02
Updated-22 Apr, 2026 | 21:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
suitenumerique messages ThreadAccess serializers.py ThreadAccessSerializer improper authentication

A security flaw has been discovered in suitenumerique messages 0.2.0. This issue affects the function ThreadAccessSerializer of the file src/backend/core/api/serializers.py of the component ThreadAccess. The manipulation results in improper authentication. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading to version 0.3.0 is capable of addressing this issue. The patch is identified as d7729f4b885449f6dee3faf8b5f2a05769fb3d6e. The affected component should be upgraded.

Action-Not Available
Vendor-suitenumerique
Product-messages
CWE ID-CWE-287
Improper Authentication
CVE-2021-42072
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.60% / 72.85%
||
7 Day CHG~0.00%
Published-08 Nov, 2021 | 03:44
Updated-04 Aug, 2024 | 03:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Barrier before 2.4.0. The barriers component (aka the server-side implementation of Barrier) does not sufficiently verify the identify of connecting clients. Clients can thus exploit weaknesses in the provided protocol to cause denial-of-service or stage further attacks that could lead to information leaks or integrity corruption.

Action-Not Available
Vendor-barrier_projectn/aFedora Project
Product-fedorabarriern/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-18877
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.71% / 74.50%
||
7 Day CHG~0.00%
Published-18 Jun, 2019 | 14:26
Updated-05 Aug, 2024 | 11:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can access an alternative configuration page config_main.php that allows manipulation of the device.

Action-Not Available
Vendor-columbiaweathern/a
Product-weather_microserver_firmwareweather_microservern/a
CWE ID-CWE-287
Improper Authentication
CVE-2022-1049
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-1.82% / 76.19%
||
7 Day CHG~0.00%
Published-25 Mar, 2022 | 18:03
Updated-02 Aug, 2024 | 23:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.

Action-Not Available
Vendor-clusterlabsn/aDebian GNU/Linux
Product-debian_linuxpcsclusterlabs/pcs
CWE ID-CWE-287
Improper Authentication
CVE-2018-1672
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5||MEDIUM
EPSS-1.16% / 63.18%
||
7 Day CHG~0.00%
Published-01 Oct, 2018 | 15:00
Updated-17 Sep, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user. IBM X-Force ID: 144958.

Action-Not Available
Vendor-IBM Corporation
Product-websphere_portalWebSphere Portal
CWE ID-CWE-287
Improper Authentication
CVE-2017-2872
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.9||CRITICAL
EPSS-1.63% / 73.40%
||
7 Day CHG~0.00%
Published-17 Sep, 2018 | 20:00
Updated-16 Sep, 2024 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A HTTP request can allow for a user to perform a firmware upgrade using a crafted image. Before any firmware upgrades in this image are flashed to the device, binaries as well as arguments to shell commands contained in the image are executed with elevated privileges.

Action-Not Available
Vendor-foscamFoscam
Product-c1_firmwarec1Foscam Indoor IP Camera C1 Series
CWE ID-CWE-287
Improper Authentication
CVE-2021-43833
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.1||HIGH
EPSS-0.81% / 52.51%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 23:20
Updated-04 Aug, 2024 | 04:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Account takeover in eLabFTW

eLabFTW is an electronic lab notebook manager for research teams. In versions prior to 4.2.0 there is a vulnerability which allows any authenticated user to gain access to arbitrary accounts by setting a specially crafted email address. This vulnerability impacts all instances that have not set an explicit email domain name allowlist. Note that whereas neither administrators nor targeted users are notified of a change, an attacker will need to control an account. The default settings require administrators to validate newly created accounts. The problem has been patched. Users should upgrade to at least version 4.2.0. For users unable to upgrade enabling an email domain allow list (from Sysconfig panel, Security tab) will completely resolve the issue.

Action-Not Available
Vendor-elabftwelabftw
Product-elabftwelabftw
CWE ID-CWE-287
Improper Authentication
CVE-2018-1418
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.8||HIGH
EPSS-52.07% / 98.83%
||
7 Day CHG-1.31%
Published-26 Apr, 2018 | 14:00
Updated-17 Sep, 2024 | 01:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security QRadar SIEM 7.2 and 7.3 could allow a user to bypass authentication which could lead to code execution. IBM X-Force ID: 138824.

Action-Not Available
Vendor-IBM Corporation
Product-qradar_security_information_and_event_managerSecurity QRadar SIEM
CWE ID-CWE-287
Improper Authentication
CVE-2021-43834
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.98% / 57.83%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 23:20
Updated-04 Aug, 2024 | 04:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Authentication in elabftw

eLabFTW is an electronic lab notebook manager for research teams. In versions prior to 4.2.0 there is a vulnerability which allows an attacker to authenticate as an existing user, if that user was created using a single sign-on authentication option such as LDAP or SAML. It impacts instances where LDAP or SAML is used for authentication instead of the (default) local password mechanism. Users should upgrade to at least version 4.2.0.

Action-Not Available
Vendor-elabftwelabftw
Product-elabftwelabftw
CWE ID-CWE-287
Improper Authentication
CVE-2021-43116
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-7.23% / 93.56%
||
7 Day CHG+1.68%
Published-05 Jul, 2022 | 00:00
Updated-04 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login.

Action-Not Available
Vendor-alibaban/a
Product-nacosn/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-41265
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.1||HIGH
EPSS-1.25% / 65.79%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 16:40
Updated-07 Mar, 2025 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Authentication in Flask-AppBuilder

Flask-AppBuilder is a development framework built on top of Flask. Verions prior to 3.3.4 contain an improper authentication vulnerability in the REST API. The issue allows for a malicious actor with a carefully crafted request to successfully authenticate and gain access to existing protected REST API endpoints. This only affects non database authentication types and new REST API endpoints. Users should upgrade to Flask-AppBuilder 3.3.4 to receive a patch.

Action-Not Available
Vendor-dpgaspardpgaspar
Product-flask-appbuilderFlask-AppBuilder
CWE ID-CWE-287
Improper Authentication
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found