Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-34873

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-01 Apr, 2026 | 00:00
Updated At-02 Apr, 2026 | 16:24
Rejected At-
Credits

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–ĽCommon Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:01 Apr, 2026 | 00:00
Updated At:02 Apr, 2026 | 16:24
Rejected At:
â–ĽCVE Numbering Authority (CNA)

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://mbed-tls.readthedocs.io/en/latest/security-advisories/
N/A
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-client-impersonation-while-resuming-tls13-session/
N/A
Hyperlink: https://mbed-tls.readthedocs.io/en/latest/security-advisories/
Resource: N/A
Hyperlink: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-client-impersonation-while-resuming-tls13-session/
Resource: N/A
â–ĽAuthorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-287CWE-287 Improper Authentication
Type: CWE
CWE ID: CWE-287
Description: CWE-287 Improper Authentication
Metrics
VersionBase scoreBase severityVector
3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
â–ĽNational Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:01 Apr, 2026 | 21:17
Updated At:05 Jun, 2026 | 19:38

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Type: Secondary
Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CPE Matches

trustedfirmware
trustedfirmware
>>mbed_tls>>Versions from 3.5.0(inclusive) to 3.6.6(exclusive)
cpe:2.3:a:trustedfirmware:mbed_tls:*:*:*:*:*:*:*:*
trustedfirmware
trustedfirmware
>>mbed_tls>>Versions from 4.0.0(inclusive) to 4.1.0(exclusive)
cpe:2.3:a:trustedfirmware:mbed_tls:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-287
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://mbed-tls.readthedocs.io/en/latest/security-advisories/cve@mitre.org
Vendor Advisory
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-client-impersonation-while-resuming-tls13-session/cve@mitre.org
Vendor Advisory
Hyperlink: https://mbed-tls.readthedocs.io/en/latest/security-advisories/
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-client-impersonation-while-resuming-tls13-session/
Source: cve@mitre.org
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

119Records found

CVE-2023-3065
Matching Score-4
Assigner-Switzerland National Cyber Security Centre (NCSC)
ShareView Details
Matching Score-4
Assigner-Switzerland National Cyber Security Centre (NCSC)
CVSS Score-9.1||CRITICAL
EPSS-0.78% / 51.52%
||
7 Day CHG~0.00%
Published-05 Jun, 2023 | 08:27
Updated-08 Jan, 2025 | 17:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mobatime mobile application - Authentication bypass

Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows Authentication Bypass.This issue affects Mobatime mobile application AMXGT100 through 1.3.20.

Action-Not Available
Vendor-mobatimeMobatime
Product-amxgt_100Mobatime mobile application AMXGT100
CWE ID-CWE-287
Improper Authentication
CVE-2018-18571
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-2.81% / 84.82%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:53
Updated-05 Aug, 2024 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Incorrect Access Control vulnerability has been identified in Citrix XenMobile Server 10.8.0 before Rolling Patch 6 and 10.9.0 before Rolling Patch 3. An attacker can impersonate and take actions on behalf of any Mobile Application Management (MAM) enrolled device.

Action-Not Available
Vendor-n/aCitrix (Cloud Software Group, Inc.)
Product-xenmobile_servern/a
CWE ID-CWE-287
Improper Authentication
CVE-2026-35030
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.4||CRITICAL
EPSS-0.49% / 38.59%
||
7 Day CHG+0.09%
Published-06 Apr, 2026 | 16:47
Updated-30 Jun, 2026 | 03:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LiteLLM has an authentication bypass via OIDC userinfo cache key collision

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, when JWT authentication is enabled (enable_jwt_auth: true), the OIDC userinfo cache uses token[:20] as the cache key. JWT headers produced by the same signing algorithm generate identical first 20 characters. This configuration option is not enabled by default. Most instances are not affected. An unauthenticated attacker can craft a token whose first 20 characters match a legitimate user's cached token. On cache hit, the attacker inherits the legitimate user's identity and permissions. This affects deployments with JWT/OIDC authentication enabled. Fixed in v1.83.0.

Action-Not Available
Vendor-litellmBerriAIRed Hat, Inc.
Product-litellmlitellmRed Hat Ansible Automation Platform 2.6Red Hat OpenShift AI (RHOAI)Red Hat OpenShift AI 3.3Red Hat OpenShift AI 2.25Lightspeed Core
CWE ID-CWE-222
Truncation of Security-relevant Information
CWE ID-CWE-287
Improper Authentication
CVE-2026-34727
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.4||HIGH
EPSS-0.28% / 19.91%
||
7 Day CHG~0.00%
Published-10 Apr, 2026 | 15:45
Updated-20 Apr, 2026 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vikunja ahs a TOTP Two-Factor Authentication Bypass via OIDC Login Path

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the OIDC callback handler issues a full JWT token without checking whether the matched user has TOTP two-factor authentication enabled. When a local user with TOTP enrolled is matched via the OIDC email fallback mechanism, the second factor is completely skipped. This vulnerability is fixed in 2.3.0.

Action-Not Available
Vendor-vikunjago-vikunja
Product-vikunjavikunja
CWE ID-CWE-287
Improper Authentication
CVE-2023-29129
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.1||CRITICAL
EPSS-0.89% / 54.91%
||
7 Day CHG~0.00%
Published-13 Jun, 2023 | 08:17
Updated-03 Jan, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.17.3 < V1.18.0), Mendix SAML (Mendix 7 compatible) (All versions >= V1.16.4 < V1.17.3), Mendix SAML (Mendix 8 compatible) (All versions >= V2.3.0 < V2.4.0), Mendix SAML (Mendix 8 compatible) (All versions >= V2.2.0 < V2.3.0), Mendix SAML (Mendix 9 latest compatible, New Track) (All versions >= V3.3.1 < V3.6.1), Mendix SAML (Mendix 9 latest compatible, New Track) (All versions >= V3.1.9 < V3.3.1), Mendix SAML (Mendix 9 latest compatible, Upgrade Track) (All versions >= V3.3.0 < V3.6.0), Mendix SAML (Mendix 9 latest compatible, Upgrade Track) (All versions >= V3.1.8 < V3.3.0), Mendix SAML (Mendix 9.12/9.18 compatible, New Track) (All versions >= V3.3.1 < V3.3.15), Mendix SAML (Mendix 9.12/9.18 compatible, Upgrade Track) (All versions >= V3.3.0 < V3.3.14), Mendix SAML (Mendix 9.6 compatible, New Track) (All versions >= V3.1.9 < V3.2.7), Mendix SAML (Mendix 9.6 compatible, Upgrade Track) (All versions >= V3.1.8 < V3.2.6). The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass authentication and get access to the application. This CVE entry describes the incomplete fix for CVE-2023-25957 in a specific non default configuration.

Action-Not Available
Vendor-mendixSiemens AG
Product-samlMendix SAML (Mendix 9.6 compatible, Upgrade Track)Mendix SAML (Mendix 9 latest compatible, New Track)Mendix SAML (Mendix 9.6 compatible, New Track)Mendix SAML (Mendix 8 compatible)Mendix SAML (Mendix 9.12/9.18 compatible, New Track)Mendix SAML (Mendix 9 latest compatible, Upgrade Track)Mendix SAML (Mendix 9.12/9.18 compatible, Upgrade Track)Mendix SAML (Mendix 7 compatible)
CWE ID-CWE-303
Incorrect Implementation of Authentication Algorithm
CWE ID-CWE-287
Improper Authentication
CVE-2023-28540
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.43% / 34.56%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 05:00
Updated-27 Feb, 2025 | 20:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Authentication in Data Modem

Cryptographic issue in Data Modem due to improper authentication during TLS handshake.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm7325-ae_firmwaresm6250p_firmwareqcs610315_5g_iot_modem_firmwareqca8337qfw7124sg8275p_firmwareqca6431_firmwarewcd9360_firmwarewsa8840snapdragon_212_mobile_platformwcn3950_firmwareqcs2290qca6595au_firmwaresnapdragon_x70_modem-rf_systemsm8350csra6620_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwareapq5053-aa_firmwarewcn685x-1sm7350-ab_firmwaresm4375wcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresm6375_firmwarewcn3660bsm7150-acsd460_firmwaresm7315_firmwaresm7325-aeqca6574au_firmwaresm4250-aawcd9375_firmwarewcn3998_firmwareqca8081_firmwaresm6225-adqca6420wcd9360snapdragon_auto_5g_modem-rf_firmwaresm6225-ad_firmwarewsa8840_firmwareqca6698aqqcs6125sd662_firmwaresm7250-ab_firmwareqca6430wcd9340sw5100qca6436qca6698aq_firmwaremsm8905wcn685x-1_firmwaresm8150_firmwarewcd9341qca6431qca6696_firmwarewcd9371wcn3910_firmwaresm4350_firmwareqcc710_firmwaresm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresm7225_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988sm4250-aa_firmwaresm8475wcn6750_firmwaresm6125_firmwarewcn3610snapdragon_675_mobile_platform_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwaresw5100psnapdragon_w5\+_gen_1_wearable_platformqcm8550snapdragon_7c\+_gen_3_computewcd9380qcs410snapdragon_210_processorsm7150-aa_firmwaresg8275pqca6430_firmwarewcd9335_firmwareqfw7114_firmwarewcn3980wsa8845sm7225qcm4325_firmwarewcd9340_firmwarewsa8815sm6150-ac_firmwarewcn3910qca6426_firmwarewcn3660b_firmwareqcn9024wcn3980_firmwaresd730snapdragon_x50_5g_modem-rf_system_firmwaresm7150-aasc7180-ac_firmwareqca6421_firmwaresm6350sm7125sm8475_firmwarewcn6740_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemsm7150-ab_firmwaresm8350_firmwaresnapdragon_x75_5g_modem-rf_system_firmwaresm6350_firmwarewcn785x-1_firmwareqcn9024_firmwaresdx57msnapdragon_8\+_gen_2_mobile_platformqcm4290_firmwarewsa8832sw5100p_firmwareqcs610_firmwareqcc710qcs4490sdm439_firmwarewcd9395qca6391_firmwarewcd9370_firmwareqm215_firmwaresm8550p_firmwaresm4350-ac_firmwaresdx55sd888_firmwaresd675csra6640sm8250qfw7124_firmwarear8035_firmwareqcm2290wcn3991_firmwaresnapdragon_662_mobile_platform_firmwarewsa8830sm6125qcs2290_firmwarewcn785x-5csra6620qcn6224_firmwaresm7250-ac_firmwareqcs4290qca6420_firmwaresc7180-acqca6390_firmwaresd730_firmwarewcd9370sd675_firmwareqca6426wcn3990_firmwaresnapdragon_8_gen_2_mobile_platformsm8450sm8250-abwcd9385_firmwarewcd9326_firmwarewcn3615_firmwaresd662sm7325-afsnapdragon_x55_5g_modem-rf_systemmsm8905_firmwarewcn3680b_firmwaresdx55_firmwaresnapdragon_4_gen_2_mobile_platformsnapdragon_212_mobile_platform_firmwareqca6595ausm7325-af_firmwarewsa8845h_firmwareqfw7114sm7250p_firmwarewcn3615wcn3610_firmwareqca6436_firmwaresm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_x70_modem-rf_system_firmwareqcs6490qcs8550_firmwaresm8250_firmwaresm8250-acwcn3988_firmware315_5g_iot_modemqm215qca6421sm6250sm7250-aawsa8810_firmwareqcn6224sm4375_firmwaresm8450_firmwaresc7180-adwsa8845hwcd9326snapdragon_x75_5g_modem-rf_systemsg4150pwcd9335wcd9395_firmwareqca8081qcm4490qcs4290_firmwarewcd9385sxr2130_firmwareqcs6490_firmwaresm7150-abqca6390ar8035wcd9375aqt1000snapdragon_210_processor_firmwaresm6250_firmwarewcd9390snapdragon_662_mobile_platformsm8150qcm6490wsa8815_firmwarewsa8835_firmwaresm7350-absg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qcm6125_firmwareqcm4325qcm2290_firmwareapq5053-aawcn3990sd_675sd865_5gsm8350-ac_firmwaresdm439sm8150-acsd888wsa8835sc7180-ad_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresnapdragon_auto_5g_modem-rfqcn6274sm6250psnapdragon_4_gen_2_mobile_platform_firmwaresxr2130qca6574awcn685x-5_firmwaresm7325psm7325wcn6750sm7150-ac_firmwaresm7250-absd855sm7325p_firmwaresdx57m_firmwarewsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwarewcn785x-5_firmwaresm7315sd460qca6391sm8250-ab_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareaqt1000_firmwareqcm4490_firmwareqcn6274_firmwareqcm4290qcm6490_firmwarewsa8832_firmwarewcn685x-5qca6574auwcd9341_firmwareqcm6125wsa8810sm7250-aa_firmwaresm7250-acsm8550psm8150-ac_firmwarewcn3680bsm8350-acsnapdragon_675_mobile_platformwcn6740qca6696qcs8550sm4350sm6150-acsm7125_firmwaresnapdragon_x50_5g_modem-rf_systemwcd9390_firmwareqcn6024sm7250psw5100_firmwareqcs410_firmwaresm7325_firmwareSnapdragon
CWE ID-CWE-287
Improper Authentication
CVE-2018-15152
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-25.94% / 97.73%
||
7 Day CHG~0.00%
Published-15 Aug, 2018 | 17:00
Updated-05 Aug, 2024 | 09:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Authentication bypass vulnerability in portal/account/register.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker to access (1) portal/add_edit_event_user.php, (2) portal/find_appt_popup_user.php, (3) portal/get_allergies.php, (4) portal/get_amendments.php, (5) portal/get_lab_results.php, (6) portal/get_medications.php, (7) portal/get_patient_documents.php, (8) portal/get_problems.php, (9) portal/get_profile.php, (10) portal/portal_payment.php, (11) portal/messaging/messages.php, (12) portal/messaging/secure_chat.php, (13) portal/report/pat_ledger.php, (14) portal/report/portal_custom_report.php, or (15) portal/report/portal_patient_report.php without authenticating as a patient.

Action-Not Available
Vendor-n/aOpenEMR Foundation, Inc
Product-openemrn/a
CWE ID-CWE-287
Improper Authentication
CVE-2026-33409
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7||HIGH
EPSS-0.46% / 36.34%
||
7 Day CHG~0.00%
Published-24 Mar, 2026 | 18:11
Updated-25 Mar, 2026 | 21:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Parse Server: Auth provider validation bypass on login via partial authData

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.52 and 9.6.0-alpha.41, an authentication bypass vulnerability allows an attacker to log in as any user who has linked a third-party authentication provider, without knowing the user's credentials. The attacker only needs to know the user's provider ID to gain full access to their account, including a valid session token. This affects Parse Server deployments where the server option allowExpiredAuthDataToken is set to true. The default value is false. This issue has been patched in versions 8.6.52 and 9.6.0-alpha.41.

Action-Not Available
Vendor-parseplatformparse-community
Product-parse-serverparse-server
CWE ID-CWE-287
Improper Authentication
CVE-2026-33432
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.7||HIGH
EPSS-0.42% / 34.03%
||
7 Day CHG~0.00%
Published-20 Apr, 2026 | 20:26
Updated-24 Apr, 2026 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Roxy-WI has Pre-Authentication LDAP Injection that Leads to Authentication Bypass

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions up to and including 8.2.8.2, when LDAP authentication is enabled, Roxy-WI constructs an LDAP search filter by directly concatenating the user-supplied login username into the filter string without escaping LDAP special characters. An unauthenticated attacker can inject LDAP filter metacharacters into the username field to manipulate the search query, cause the directory to return an unintended user entry, and bypass authentication entirely — gaining access to the application without knowing any valid password. As of time of publication, no known patches are available.

Action-Not Available
Vendor-roxy-wiroxy-wi
Product-roxy-wiroxy-wi
CWE ID-CWE-287
Improper Authentication
CVE-2026-33117
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.48% / 37.90%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:58
Updated-19 Jun, 2026 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure SDK for Java Security Feature Bypass Vulnerability

The Java Key Vault Keys library in the Azure SDK for Java contains an issue in the local cryptographic verification path where authentication tag comparison was implemented incorrectly. In affected applications that use the vulnerable local cryptography path, specially crafted encrypted input may bypass integrity verification checks. Operations delegated to the Key Vault service are not affected. The issue is addressed in version 4.10.6.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_sdk_for_javaAzure SDK for Java
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2021-43834
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.98% / 57.83%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 23:20
Updated-04 Aug, 2024 | 04:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Authentication in elabftw

eLabFTW is an electronic lab notebook manager for research teams. In versions prior to 4.2.0 there is a vulnerability which allows an attacker to authenticate as an existing user, if that user was created using a single sign-on authentication option such as LDAP or SAML. It impacts instances where LDAP or SAML is used for authentication instead of the (default) local password mechanism. Users should upgrade to at least version 4.2.0.

Action-Not Available
Vendor-elabftwelabftw
Product-elabftwelabftw
CWE ID-CWE-287
Improper Authentication
CVE-2026-29145
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-9.1||CRITICAL
EPSS-0.71% / 49.20%
||
7 Day CHG~0.00%
Published-09 Apr, 2026 | 19:20
Updated-14 Apr, 2026 | 13:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Tomcat, Apache Tomcat Native: OCSP checks sometimes soft-fail even when soft-fail is disabled

CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M7 through 10.1.52, from 9.0.83 through 9.0.115; Apache Tomcat Native: from 1.1.23 through 1.1.34, from 1.2.0 through 1.2.39, from 1.3.0 through 1.3.6, from 2.0.0 through 2.0.13. Users are recommended to upgrade to version Tomcat Native 1.3.7 or 2.0.14 and Tomcat 11.0.20, 10.1.53 and 9.0.116, which fix the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-tomcat_nativetomcatApache Tomcat NativeApache Tomcat
CWE ID-CWE-287
Improper Authentication
CVE-2021-41292
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-1.13% / 62.56%
||
7 Day CHG~0.00%
Published-30 Sep, 2021 | 10:40
Updated-17 Sep, 2024 | 03:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ECOA BAS controller - Broken Authentication

ECOA BAS controller suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can remotely bypass authentication and disclose sensitive information and circumvent physical access controls in smart homes and buildings and manipulate HVAC.

Action-Not Available
Vendor-ecoaECOA
Product-ecs_router_controller-ecs_firmwareecs_router_controller-ecsriskbusterriskterminatorriskbuster_firmwareECS Router Controller ECS (FLASH)RiskBuster System RB 3.0.0RiskBuster System TRANE 1.0Graphic Control SoftwareRiskBuster Terminator E6L45SmartHome II E9246RiskTerminator
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-287
Improper Authentication
CVE-2026-28215
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.46% / 36.36%
||
7 Day CHG~0.00%
Published-26 Feb, 2026 | 22:34
Updated-02 Mar, 2026 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
hoppscotch Vulnerable to Unauthenticated Onboarding Config Takeover

hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, an unauthenticated attacker can overwrite the entire infrastructure configuration of a self-hosted Hoppscotch instance including OAuth provider credentials and SMTP settings by sending a single HTTP POST request with no authentication. The endpoint POST /v1/onboarding/config has no authentication guard and performs no check on whether onboarding was already completed. A successful exploit allows the attacker to replace the instance's Google/GitHub/Microsoft OAuth application credentials with their own, causing all subsequent user logins via SSO to authenticate against the attacker's OAuth app. The attacker captures OAuth tokens and email addresses of every user who logs in after the exploit. Additionally, the endpoint returns a recovery token that can be used to read all stored secrets in plaintext, including SMTP passwords and any other configured credentials. Version 2026.2.0 fixes the issue.

Action-Not Available
Vendor-hoppscotchhoppscotch
Product-hoppscotchhoppscotch
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-287
Improper Authentication
CVE-2023-25957
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.1||CRITICAL
EPSS-0.58% / 43.53%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 09:31
Updated-27 Feb, 2025 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.16.4 < V1.17.3), Mendix SAML (Mendix 8 compatible) (All versions >= V2.2.0 < V2.3.0), Mendix SAML (Mendix 9 latest compatible, New Track) (All versions >= V3.1.9 < V3.3.1), Mendix SAML (Mendix 9 latest compatible, Upgrade Track) (All versions >= V3.1.8 < V3.3.0), Mendix SAML (Mendix 9.6 compatible, New Track) (All versions >= V3.1.9 < V3.2.7), Mendix SAML (Mendix 9.6 compatible, Upgrade Track) (All versions >= V3.1.8 < V3.2.6). The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass authentication and get access to the application. For compatibility reasons, fix versions still contain this issue, but only when the recommended, default configuration option `'Use Encryption'` is disabled.

Action-Not Available
Vendor-mendixSiemens AG
Product-samlMendix SAML (Mendix 9 latest compatible, New Track)Mendix SAML (Mendix 8 compatible)Mendix SAML (Mendix 9 latest compatible, Upgrade Track)Mendix SAML (Mendix 9.6 compatible, New Track)Mendix SAML (Mendix 9.6 compatible, Upgrade Track)Mendix SAML (Mendix 7 compatible)
CWE ID-CWE-303
Incorrect Implementation of Authentication Algorithm
CWE ID-CWE-287
Improper Authentication
CVE-2023-44152
Matching Score-4
Assigner-Acronis International GmbH
ShareView Details
Matching Score-4
Assigner-Acronis International GmbH
CVSS Score-6.1||MEDIUM
EPSS-0.57% / 43.17%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 11:59
Updated-23 Sep, 2024 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.

Action-Not Available
Vendor-Linux Kernel Organization, IncAcronis (Acronis International GmbH)Apple Inc.Microsoft Corporation
Product-cyber_protectmacoswindowslinux_kernelAcronis Cyber Protect 15
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-287
Improper Authentication
CVE-2026-27197
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.43% / 34.96%
||
7 Day CHG~0.00%
Published-21 Feb, 2026 | 04:35
Updated-24 Feb, 2026 | 19:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sentry: Improper Authentication on SAML SSO process allows user identity linking

Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through 26.1.0 have a critical vulnerability in its SAML SSO implementation which allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on the same Sentry instance. Self-hosted users are only at risk if the following criteria is met: ore than one organizations are configured (SENTRY_SINGLE_ORGANIZATION = True), or malicious user has existing access and permissions to modify SSO settings for another organization in a multo-organization instance. This issue has been fixed in version 26.2.0. To workaround this issue, implement user account-based two-factor authentication to prevent an attacker from being able to complete authentication with a victim's user account. Organization administrators cannot do this on a user's behalf, this requires individual users to ensure 2FA has been enabled for their account.

Action-Not Available
Vendor-sentrygetsentry
Product-sentrysentry
CWE ID-CWE-287
Improper Authentication
CVE-2021-3850
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-9.1||CRITICAL
EPSS-2.17% / 80.06%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 14:20
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authentication Bypass by Primary Weakness in adodb/adodb

Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.

Action-Not Available
Vendor-adodb_projectadodbDebian GNU/Linux
Product-debian_linuxadodbadodb/adodb
CWE ID-CWE-305
Authentication Bypass by Primary Weakness
CWE ID-CWE-287
Improper Authentication
CVE-2017-20235
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.45% / 36.10%
||
7 Day CHG~0.00%
Published-03 Apr, 2026 | 22:51
Updated-25 May, 2026 | 23:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ProSoft Technology ICX35-HWC Authentication Bypass

ProSoft Technology ICX35-HWC version 1.3 and prior cellular gateways contain an authentication bypass vulnerability in the web user interface that allows unauthenticated attackers to gain access to administrative functions without valid credentials. Attackers can bypass the authentication mechanism in affected firmware versions to obtain full administrative access to device configuration and settings.

Action-Not Available
Vendor-prosoft-technologyProSoft Technology
Product-icx35-hwc_firmwareicx35-hwcICX35-HWC Cellular Gateway
CWE ID-CWE-287
Improper Authentication
CVE-2026-2418
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-9.1||CRITICAL
EPSS-0.24% / 14.97%
||
7 Day CHG~0.00%
Published-05 Mar, 2026 | 06:00
Updated-02 Apr, 2026 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Login with Salesforce <= 1.0.2 - Unauthenticated Authentication Bypass

The Login with Salesforce WordPress plugin through 1.0.2 does not validate that users are allowed to login through Salesforce, allowing unauthenticated users to be authenticated as any user (such as admin) by simply knowing the email

Action-Not Available
Vendor-Unknown
Product-Login with Salesforce
CWE ID-CWE-287
Improper Authentication
CVE-2023-33054
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.36% / 28.08%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Authentication in GPS HLOS Driver

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gsw5100pqca6595qcs610_firmwarewcd9335wcd9370qca8081_firmwaresm7250-absnapdragon_x50_5g_modem-rf_systemqca6696wcd9340_firmwarewcd9341_firmwarewcd9395_firmware8998qcn6024sdm845qcc710_firmwareqca6426wcn6740_firmwarewcn3610sm7325-ae_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395qca6574au_firmwarewcn785x-5qam8295psm8150_firmwarewcd9341qca6574auwcd9390snapdragon_x12_lte_modemwsa8810_firmwaresd730_firmwarewsa8845h_firmwarecsra6640wcn3660b_firmwaresd730qcs5430sm8150-acsm6375_firmwaresd835_firmwareqcn6024_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresm7150-acqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresm8350qcm6125_firmwareqcc710sm6375sm7250-aa_firmware315_5g_iot_modem_firmwaresda845sm8450_firmwarevideo_collaboration_vc1_platformqfw7114wcd9385_firmwareqca6421315_5g_iot_modemsnapdragon_x55_5g_modem-rf_systemqca6310sa8155_firmwaresm7150-abqcs603_firmwareqca6335qcs4490snapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155pqca6421_firmwareqcm6125sm7150-ac_firmwarewsa8810video_collaboration_vc5_platform_firmwaresnapdragon_8\+_gen_2_mobile_platformsm8350-acqca6595ausm7325_firmwaresm7315_firmwarewcd9326_firmwaresa6155p_firmwarewsa8840qcs8550_firmwaresd835qfw7124_firmwareqca6436_firmwaresnapdragon_wear_4100\+_platform_firmwareqcs4490_firmwaresnapdragon_8_gen_2_mobile_platformwcn3910_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm8250-ac_firmwareqca6420wcn3910wcd9370_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3660bqca6574asm7325-aeqca6174asa8195pwcd9340qcs8250_firmwareqcm2290sm6150-acsm6225snapdragon_auto_5g_modem-rf_gen_2qca6335_firmwareqcm6490sm8150-ac_firmwaresm8550p_firmwarewcn3998_firmwareqcm8550wcn3988qcn9024qca6574sm7325-afsnapdragon_x75_5g_modem-rf_systemqca6430_firmwareqcs605qcn9024_firmwarewsa8845hwcd9326sa6150psm7250-aaqcs410qcm2290_firmwarewcn685x-1_firmwaresa8155p_firmwaresa8155pwsa8830snapdragon_675_mobile_platformsm8550psa6145pwcn785x-1_firmwarear8035sa6155qcm4325qcn6224sm8475_firmwareqca6698aqqm215_firmwarewcn3950_firmwaresm6250sm7250-acwcn685x-1sm7325p_firmwaresa8145p_firmwarewcn3680bsa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformvideo_collaboration_vc3_platform_firmwarewcn3990qcs6490qcs8250wsa8830_firmwaresm7150-aaqcn6224_firmwareqca6431wsa8845_firmwaresd660_firmwarewsa8832qcs603sxr2130_firmwaresnapdragon_675_mobile_platform_firmwarear8035_firmwaresm8475snapdragon_w5\+_gen_1_wearable_platform_firmwareqca6320sm8250-ab_firmwaresd888_firmwareqcs6125_firmwaresm6225_firmwaresm7325-af_firmwarewsa8815_firmwaresm8250-absa8195p_firmwareqca8337_firmwaresnapdragon_x12_lte_modem_firmwareqcm4290sm7325sm6125_firmwareqca9377_firmwareqcm6490_firmwaresm8350-ac_firmwaresm7250p_firmwareqcm4490_firmwarewcn785x-5_firmwarewcn3950snapdragon_xr2_5g_platformqcs6125sda845_firmwareapq5053-aa_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_xr2\+_gen_1_platform_firmwaresm4350_firmwaresm7350-ab_firmwarewcn3991sa8295p_firmwareapq5053-aasm7250psm6250_firmwaresa8155sm7150-aa_firmwareqca6584ausd888qca6320_firmwareqcn6274_firmwaresnapdragon_4_gen_2_mobile_platformsw5100_firmwarewcn685x-5wcn6740qca6310_firmwaresm6225-ad_firmwareqfw7114_firmwareqcs605_firmwareqca6595_firmwaresm8250-acsm8250_firmwarewcd9380sa6145p_firmwaresa6155_firmwaresnapdragon_xr2_5g_platform_firmwaresa8150psm7350-absm8350_firmwaresm6225-adsm4350-acsdm660_firmwaresw5100video_collaboration_vc3_platformaqt1000sm8150wcn3991_firmwareqam8295p_firmwaresd855sdm660qca6431_firmwarewcn3990_firmwaresm7315sm6125qca6698aq_firmwareqcs2290wcd93858998_firmwareqcs2290_firmwarewcn3615wcn3610_firmwareqcs4290wcd9390_firmwarewcn6750qca6430wcn6750_firmwaresdx55_firmwarewcn3615_firmwaresm7250-ab_firmwaresxr2130qcm44908098_firmwaresm7150-ab_firmwarecsra6640_firmwaresm4350snapdragon_xr2\+_gen_1_platformqca6174a_firmwaresm7325pwcn3998video_collaboration_vc5_platformqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresm8450sm6150-ac_firmwaresnapdragon_x65_5g_modem-rf_systemsd855_firmwarewcd9335_firmwarewcn3980_firmwareqca6436qca6584au_firmwareqcn6274wsa8835wsa8840_firmwareqca6391_firmwareqfw7124qca6595au_firmwaresw5100p_firmwaresm8250qca6696_firmwareqcs4290_firmwarewcd9380_firmwareqca6574_firmwarecsra6620qca8081sd660wsa8815sm4375sg4150pqca9377sm4375_firmwareqcm4325_firmwareqca6574a_firmwaresdx55qcm4290_firmwaresdm845_firmwarewcd9375_firmwareqca6391wcn785x-1qcs5430_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarecsra6620_firmwaresa8295p8098snapdragon_x50_5g_modem-rf_system_firmwareqcs8550qm215sd865_5g_firmwarewcd9375wcn685x-5_firmwarewcn3988_firmwaresa8145psm4350-ac_firmwaresnapdragon_wear_4100\+_platformwsa8835_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980sm7250-ac_firmwarewcn3680b_firmwareqcs610Snapdragon
CWE ID-CWE-287
Improper Authentication
CVE-2026-21881
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.43% / 34.76%
||
7 Day CHG~0.00%
Published-08 Jan, 2026 | 01:08
Updated-20 Jan, 2026 | 15:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kanboard is Vulnerable to Reverse Proxy Authentication Bypass

Kanboard is project management software focused on Kanban methodology. Versions 1.2.48 and below is vulnerable to a critical authentication bypass when REVERSE_PROXY_AUTH is enabled. The application blindly trusts HTTP headers for user authentication without verifying the request originated from a trusted reverse proxy. An attacker can impersonate any user, including administrators, by simply sending a spoofed HTTP header. This issue is fixed in version 1.2.49.

Action-Not Available
Vendor-kanboardkanboard
Product-kanboardkanboard
CWE ID-CWE-287
Improper Authentication
CVE-2023-27582
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-1.02% / 59.15%
||
7 Day CHG~0.00%
Published-13 Mar, 2023 | 21:40
Updated-25 Feb, 2025 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Full authentication bypass if SASL authorization username is specified

maddy is a composable, all-in-one mail server. Starting with version 0.2.0 and prior to version 0.6.3, maddy allows a full authentication bypass if SASL authorization username is specified when using the PLAIN authentication mechanisms. Instead of validating the specified username, it is accepted as is after checking the credentials for the authentication username. maddy 0.6.3 includes the fix for the bug. There are no known workarounds.

Action-Not Available
Vendor-maddy_projectfoxcpp
Product-maddymaddy
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-305
Authentication Bypass by Primary Weakness
CVE-2023-23460
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
ShareView Details
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
CVSS Score-9.1||CRITICAL
EPSS-0.69% / 48.20%
||
7 Day CHG~0.00%
Published-15 Feb, 2023 | 00:00
Updated-19 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Priority Web – Authentication bypass

Priority Web version 19.1.0.68, parameter manipulation on an unspecified end-point may allow authentication bypass.

Action-Not Available
Vendor-priority-softwarePriority
Product-priorityPriority Web
CWE ID-CWE-287
Improper Authentication
CVE-2016-4432
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.1||CRITICAL
EPSS-8.15% / 94.16%
||
7 Day CHG~0.00%
Published-01 Jun, 2016 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-qpid_broker-jn/a
CWE ID-CWE-287
Improper Authentication
CVE-2023-22964
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-2.45% / 82.39%
||
7 Day CHG~0.00%
Published-20 Jan, 2023 | 00:00
Updated-03 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zoho ManageEngine ServiceDesk Plus MSP before 10611, and 13x before 13004, is vulnerable to authentication bypass when LDAP authentication is enabled.

Action-Not Available
Vendor-n/aZoho Corporation Pvt. Ltd.
Product-manageengine_servicedesk_plus_mspn/a
CWE ID-CWE-287
Improper Authentication
CVE-2023-22497
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.68% / 47.88%
||
7 Day CHG~0.00%
Published-14 Jan, 2023 | 01:02
Updated-10 Mar, 2025 | 21:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netdata is vulnerable to improper authentication

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has access to a Netdata Agent has access to its MACHINE_GUID. Streaming is a feature that allows a Netdata Agent to act as parent for other Netdata Agents (children), offloading children from various functions (increased data retention, ML, health monitoring, etc) that can now be handled by the parent Agent. Configuration is done via `stream.conf`. On the parent side, users configure in `stream.conf` an API key (any random UUID can do) to provide common configuration for all children using this API key and per MACHINE GUID configuration to customize the configuration for each child. The way this was implemented, allowed an attacker to use a valid MACHINE_GUID as an API key. This affects all users who expose their Netdata Agents (children) to non-trusted users and they also expose to the same users Netdata Agent parents that aggregate data from all these children. The problem has been fixed in: Netdata agent v1.37 (stable) and Netdata agent v1.36.0-409 (nightly). As a workaround, do not enable streaming by default. If you have previously enabled this, it can be disabled. Limiting access to the port on the recipient Agent to trusted child connections may mitigate the impact of this vulnerability.

Action-Not Available
Vendor-netdatanetdata
Product-netdatanetdata
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2023-44039
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.55% / 41.77%
||
7 Day CHG~0.00%
Published-03 Apr, 2024 | 00:00
Updated-16 Apr, 2025 | 15:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In VeridiumID before 3.5.0, the WebAuthn API allows an internal unauthenticated attacker (who can pass enrollment verifications and is allowed to enroll a FIDO key) to register their FIDO authenticator to a victim’s account and consequently take over the account.

Action-Not Available
Vendor-veridiumidn/averidiumid
Product-veridiumadn/averidiumad
CWE ID-CWE-287
Improper Authentication
CVE-2023-22501
Matching Score-4
Assigner-Atlassian
ShareView Details
Matching Score-4
Assigner-Atlassian
CVSS Score-9.4||CRITICAL
EPSS-15.98% / 96.50%
||
7 Day CHG~0.00%
Published-01 Feb, 2023 | 18:00
Updated-01 Oct, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances_._ With write access to a User Directory and outgoing email enabled on a Jira Service Management instance, an attacker could gain access to signup tokens sent to users with accounts that have never been logged into. Access to these tokens can be obtained in two cases: * If the attacker is included on Jira issues or requests with these users, or * If the attacker is forwarded or otherwise gains access to emails containing a “View Request” link from these users. Bot accounts are particularly susceptible to this scenario. On instances with single sign-on, external customer accounts can be affected in projects where anyone can create their own account.

Action-Not Available
Vendor-Atlassian
Product-jira_service_managementJira Service Management Data CenterJira Service Management Server
CWE ID-CWE-287
Improper Authentication
CVE-2025-62717
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-2.7||LOW
EPSS-0.36% / 28.33%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 20:13
Updated-28 Oct, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Emlog Pro session verification code error due to clearing logic error

Emlog is an open source website building system. In version 2.5.23, Emlog Pro is vulnerable to a session verification code error due to a clearing logic error. This means the verification code could be reused anywhere an email verification code is required. This issue has been fixed in commit 1f726df.

Action-Not Available
Vendor-emlogemlog
Product-emlogemlog
CWE ID-CWE-287
Improper Authentication
CVE-2025-61922
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.48% / 37.70%
||
7 Day CHG~0.00%
Published-16 Oct, 2025 | 17:26
Updated-29 Dec, 2025 | 20:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PrestaShop Checkout allows customer account takeover via email

PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. Starting in version 1.3.0 and prior to versions 4.4.1 and 5.0.5, missing validation on the Express Checkout feature allows silent login, enabling account takeover via email. The vulnerability is fixed in versions 4.4.1 and 5.0.5. No known workarounds exist.

Action-Not Available
Vendor-PrestaShopCorpPrestaShop S.A
Product-prestashop_checkoutps_checkout
CWE ID-CWE-287
Improper Authentication
CVE-2021-32648
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.2||HIGH
EPSS-90.42% / 99.79%
||
7 Day CHG~0.00%
Published-26 Aug, 2021 | 19:00
Updated-24 Oct, 2025 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-02-01||Apply updates per vendor instructions.
Account Takeover in Octobercms

octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5.

Action-Not Available
Vendor-octobercmsoctobercmsOctober CMS
Product-octoberoctoberOctober CMS
CWE ID-CWE-287
Improper Authentication
CVE-2014-4198
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-1.30% / 66.88%
||
7 Day CHG~0.00%
Published-13 Feb, 2020 | 18:28
Updated-06 Aug, 2024 | 11:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user access privileged function.

Action-Not Available
Vendor-bssysn/a
Product-rbs_bs-client._retail_clientn/a
CWE ID-CWE-287
Improper Authentication
CVE-2023-21455
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-5.9||MEDIUM
EPSS-0.40% / 32.25%
||
7 Day CHG~0.00%
Published-16 Mar, 2023 | 00:00
Updated-26 Feb, 2025 | 20:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authorization implementation in Exynos baseband prior to SMR Mar-2023 Release 1 allows incorrect handling of unencrypted message.

Action-Not Available
Vendor-Samsung ElectronicsSamsung
Product-exynosexynos_firmwareSamsung Mobile Devices
CWE ID-CWE-287
Improper Authentication
CVE-2025-58443
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.9||CRITICAL
EPSS-17.65% / 96.78%
||
7 Day CHG~0.00%
Published-06 Sep, 2025 | 20:04
Updated-29 Sep, 2025 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FOG's authentication bypass leads to full SQL DB dump

FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1673 and below contain an authentication bypass vulnerability. It is possible for an attacker to perform an unauthenticated DB dump where they could pull a full SQL DB without credentials. A fix is expected to be released 9/15/2025. To address this vulnerability immediately, upgrade to the latest version of either the dev-branch or working-1.6 branch. This will patch the issue for users concerned about immediate exposure. See the FOG Project documentation for step-by-step upgrade instructions: https://docs.fogproject.org/en/latest/install-fog-server#choosing-a-fog-version.

Action-Not Available
Vendor-fogprojectFOGProject
Product-fogprojectfogproject
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2023-20214
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.73% / 49.80%
||
7 Day CHG~0.00%
Published-03 Aug, 2023 | 21:24
Updated-02 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to gain read permissions or limited write permissions to the configuration of an affected Cisco SD-WAN vManage instance. This vulnerability is due to insufficient request validation when using the REST API feature. An attacker could exploit this vulnerability by sending a crafted API request to an affected vManage instance. A successful exploit could allow the attacker to retrieve information from and send information to the configuration of the affected Cisco vManage instance. This vulnerability only affects the REST API and does not affect the web-based management interface or the CLI.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sd-wan_vmanagecatalyst_sd-wan_managerCisco SD-WAN vManage
CWE ID-CWE-287
Improper Authentication
CVE-2013-4454
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.1||CRITICAL
EPSS-3.41% / 87.40%
||
7 Day CHG~0.00%
Published-18 Feb, 2020 | 13:23
Updated-06 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities

Action-Not Available
Vendor-getbutterflyPortable phpMyAdmin Plugin authors
Product-portable-phpmyadminPortable phpMyAdmin Plugin
CWE ID-CWE-287
Improper Authentication
CVE-2013-4462
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.1||CRITICAL
EPSS-2.81% / 84.80%
||
7 Day CHG~0.00%
Published-27 Jan, 2020 | 14:09
Updated-06 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability

Action-Not Available
Vendor-portable_phpmyadmin_projectPortable phpMyAdmin Plugin authors
Product-portable_phpmyadminPortable phpMyAdmin Plugin
CWE ID-CWE-287
Improper Authentication
CVE-2019-17134
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-2.30% / 81.17%
||
7 Day CHG~0.00%
Published-08 Oct, 2019 | 17:14
Updated-05 Aug, 2024 | 01:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the Agent on port https/9443, because the cmd/agent.py gunicorn cert_reqs option is True but is supposed to be ssl.CERT_REQUIRED.

Action-Not Available
Vendor-opendevn/aCanonical Ltd.
Product-ubuntu_linuxoctavian/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-15803
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-1.32% / 67.44%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 20:15
Updated-05 Aug, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Through an undocumented sequence of keypresses, undocumented functionality is triggered. A diagnostics shell is triggered via CTRL-ALT-t, which prompts for the password returned by fds_sys_passDebugPasswd_ret(). The firmware contains access control checks that determine if remote users are allowed to access this functionality. The function that performs this check (fds_sys_remoteDebugEnable_ret in libfds.so) always return TRUE with no actual checks performed. The diagnostics menu allows for reading/writing arbitrary registers and various other configuration parameters which are believed to be related to the network interface chips.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-gs1900-10hpgs1900-24_firmwaregs1900-24e_firmwaregs1900-8gs1900-48hpgs1900-8hp_firmwaregs1900-48_firmwaregs1900-24gs1900-8hpgs1900-24egs1900-8_firmwaregs1900-48gs1900-48hp_firmwaregs1900-16_firmwaregs1900-10hp_firmwaregs1900-16gs1900-24hp_firmwaregs1900-24hpn/a
CWE ID-CWE-287
Improper Authentication
CVE-2025-49591
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.4||HIGH
EPSS-0.44% / 35.47%
||
7 Day CHG~0.00%
Published-18 Jun, 2025 | 22:15
Updated-11 Aug, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CryptPad 2FA Bypass Vulnerability

CryptPad is a collaboration suite. Prior to version 2025.3.0, enforcement of Two-Factor Authentication (2FA) in CryptPad can be trivially bypassed, due to weak implementation of access controls. An attacker that compromises a user's credentials can gain access to the victim's account, even if the victim has 2FA set up. This is due to 2FA not being enforced if the path parameter is not 44 characters long, which can be bypassed by simply URL encoding a single character in the path. This issue has been patched in version 2025.3.0.

Action-Not Available
Vendor-cryptpadXWiki SAS
Product-cryptpadcryptpad
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-287
Improper Authentication
CVE-2025-47275
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.47% / 37.14%
||
7 Day CHG+0.02%
Published-15 May, 2025 | 21:13
Updated-22 May, 2025 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Brute Force Authentication Tags of CookieStore Sessions in Auth0-PHP SDK

Auth0-PHP provides the PHP SDK for Auth0 Authentication and Management APIs. Starting in version 8.0.0-BETA1 and prior to version 8.14.0, session cookies of applications using the Auth0-PHP SDK configured with CookieStore have authentication tags that can be brute forced, which may result in unauthorized access. Certain pre-conditions are required to be vulnerable to this issue: Applications using the Auth0-PHP SDK, or the Auth0/symfony, Auth0/laravel-auth0, and Auth0/wordpress SDKs that rely on the Auth0-PHP SDK; and session storage configured with CookieStore. Upgrade Auth0/Auth0-PHP to v8.14.0 to receive a patch. As an additional precautionary measure, rotating cookie encryption keys is recommended. Note that once updated, any previous session cookies will be rejected.

Action-Not Available
Vendor-auth0
Product-auth0-PHP
CWE ID-CWE-287
Improper Authentication
CVE-2025-45583
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.34% / 25.47%
||
7 Day CHG~0.00%
Published-12 Sep, 2025 | 00:00
Updated-16 Oct, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password.

Action-Not Available
Vendor-audin/a
Product-universal_traffic_recorderuniversal_traffic_recorder_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2025-30114
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.42% / 33.58%
||
7 Day CHG~0.00%
Published-18 Mar, 2025 | 00:00
Updated-22 May, 2025 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pairing mechanism relies solely on the connecting device's MAC address. By obtaining the MAC address through network scanning and spoofing it, an attacker can bypass the authentication process and gain full access to the dashcam's features without proper authorization.

Action-Not Available
Vendor-hellan/a
Product-dr_820dr_820_firmwaren/a
CWE ID-CWE-287
Improper Authentication
CVE-2022-47408
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.65% / 46.68%
||
7 Day CHG~0.00%
Published-14 Dec, 2022 | 00:00
Updated-21 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people.

Action-Not Available
Vendor-fp_newsletter_projectn/a
Product-fp_newslettern/a
CWE ID-CWE-287
Improper Authentication
CVE-2021-23847
Matching Score-4
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-4
Assigner-Robert Bosch GmbH
CVSS Score-9.8||CRITICAL
EPSS-1.43% / 69.83%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 14:19
Updated-17 Sep, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Information Extraction Vulnerability

A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device. Only devices of the CPP6, CPP7 and CPP7.3 family with firmware 7.70, 7.72, and 7.80 prior to B128 are affected by this vulnerability. Versions 7.62 or lower and INTEOX cameras are not affected.

Action-Not Available
Vendor-Robert Bosch GmbH
Product-cpp7_firmwarecpp7.3_firmwarecpp7.3cpp7cpp6_firmwarecpp6CPP Firmware
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2021-23365
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-4.8||MEDIUM
EPSS-1.01% / 58.91%
||
7 Day CHG~0.00%
Published-26 Apr, 2021 | 10:05
Updated-17 Sep, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authentication Bypass

The package github.com/tyktechnologies/tyk-identity-broker before 1.1.1 are vulnerable to Authentication Bypass via the Go XML parser which can cause SAML authentication bypass. This is because the XML parser doesn’t guarantee integrity in the XML round-trip (encoding/decoding XML data).

Action-Not Available
Vendor-tykn/a
Product-tyk-identity-brokergithub.com/TykTechnologies/tyk-identity-broker
CWE ID-CWE-287
Improper Authentication
CVE-2021-21982
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-9.1||CRITICAL
EPSS-1.36% / 68.31%
||
7 Day CHG~0.00%
Published-01 Apr, 2021 | 18:45
Updated-03 Aug, 2024 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has an authentication bypass vulnerability that may allow a malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance to obtain a valid authentication token. Successful exploitation of this issue would result in the attacker being able to view and alter administrative configuration settings.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncVMware (Broadcom Inc.)
Product-carbon_black_cloud_workloadlinux_kernelVMware Carbon Black Cloud Workload appliance
CWE ID-CWE-287
Improper Authentication
CVE-2021-21308
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.1||MEDIUM
EPSS-1.05% / 60.09%
||
7 Day CHG~0.00%
Published-26 Feb, 2021 | 19:50
Updated-03 Aug, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper session management for soft logout

PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 the soft logout system is not complete and an attacker is able to foreign request and executes customer commands. The problem is fixed in 1.7.7.2

Action-Not Available
Vendor-PrestaShop S.A
Product-prestashopPrestaShop
CWE ID-CWE-287
Improper Authentication
CVE-2021-21399
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-1.44% / 69.93%
||
7 Day CHG~0.00%
Published-13 Apr, 2021 | 17:50
Updated-03 Aug, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated SubSonic backend access in Ampache

Ampache is a web based audio/video streaming application and file manager. Versions prior to 4.4.1 allow unauthenticated access to Ampache using the subsonic API. To successfully make the attack you must use a username that is not part of the site to bypass the auth checks. For more details and workaround guidance see the referenced GitHub security advisory.

Action-Not Available
Vendor-ampacheampache
Product-ampacheampache
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-287
Improper Authentication
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found