
CWE-287 (Improper Authentication) — Vulnerability Class, 1199 CVEs

1199 vulnerabilities classified as CWE-287 (Improper Authentication). AI-generated Chinese-language analysis is included.

CWE-287 denotes an authentication weakness in which a system fails to adequately verify that an actor is who it claims to be. The flaw lets attackers bypass security controls by exploiting the insufficient verification, gaining unauthorized access through stolen credentials, brute-force guessing, or session hijacking. When authentication logic is flawed, a malicious party can impersonate a legitimate user, which can lead to data breaches and privilege escalation. Developers mitigate the risk with robust multi-factor authentication and identity-verification processes that are rigorous and resistant to common attack vectors. Strictly validating credentials against securely hashed stores and applying adaptive security measures significantly reduces the likelihood of unauthorized access, protecting sensitive information and preserving system integrity.

MITRE CWE Description
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Common Consequences (1)
Scope: Integrity, Confidentiality, Availability, Access Control
Impact: Read Application Data, Gain Privileges or Assume Identity, Execute Unauthorized Code or Commands
This weakness can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers with sensitive information or even the ability to execute arbitrary code.
Mitigations (1)
Phase: Architecture and Design
Use an authentication framework or library such as the OWASP ESAPI Authentication feature.
Examples (2)
The following code intends to ensure that the user is already logged in. If not, the code performs authentication with the user-provided username and password. If successful, it sets the loggedin and user cookies to "remember" that the user has already logged in. Finally, the code performs administrator tasks if the logged-in user has the "Administrator" username, as recorded in the user cookie.
Example 1 (Bad · Perl):

    my $q = new CGI;
    if ($q->cookie('loggedin') ne "true") {
        if (! AuthenticateUser($q->param('username'), $q->param('password'))) {
            ExitError("Error: you need to log in first");
        }
        else {
            # Set loggedin and user cookies.
            $q->cookie( -name => 'loggedin', -value => 'true' );
            $q->cookie( -name => 'user', -value => $q->param('username') );
        }
    }
    if ($q->cookie('user') eq "Administrator") {
        DoAdministratorTasks();
    }
Attack. Because the code treats the user and loggedin cookies as proof of identity, a request that simply supplies them reaches DoAdministratorTasks() without ever authenticating:

    GET /cgi-bin/vulnerable.cgi HTTP/1.1
    Cookie: user=Administrator
    Cookie: loggedin=true
    [body of request]
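The following Python is an added example, not part of the MITRE entry: it places the cookie-trust flaw from the Perl snippet beside a hardened check that only accepts an identity the server itself signed. All function names and the demo secret are constructed for this illustration.

```python
import hashlib
import hmac
import secrets
from http.cookies import SimpleCookie

# Constructed demo secret. A real deployment loads it from the server's
# secret store; it must never be derivable from anything in the request.
SERVER_SECRET = secrets.token_bytes(32)


def parse_cookies(header: str) -> dict:
    """Parse the value of a Cookie request header into a name -> value dict."""
    jar = SimpleCookie()
    jar.load(header)
    return {name: morsel.value for name, morsel in jar.items()}


def is_admin_weak(cookies: dict) -> bool:
    """CWE-287 pattern from the Perl example: the client-supplied 'user'
    cookie is accepted as proof of identity, so anyone can claim any name."""
    return cookies.get("loggedin") == "true" and cookies.get("user") == "Administrator"


def issue_session(username: str) -> str:
    """Hardened replacement, issued only after AuthenticateUser() succeeds:
    the server binds the username to an HMAC under a secret it alone holds."""
    tag = hmac.new(SERVER_SECRET, username.encode(), hashlib.sha256).hexdigest()
    return f"{username}.{tag}"


def verify_session(token: str):
    """Return the authenticated username, or None if the tag does not verify.
    The tag is hex, so the last '.' always separates username from tag."""
    username, sep, tag = token.rpartition(".")
    if not sep or not username:
        return None
    expected = hmac.new(SERVER_SECRET, username.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison: a plain == would leak tag bytes via timing.
    return username if hmac.compare_digest(expected, tag) else None


def is_admin_hardened(cookies: dict) -> bool:
    """Identity comes from the verified session, never from a bare cookie."""
    return verify_session(cookies.get("session", "")) == "Administrator"
```

A production session would also carry an expiry and be revocable on logout; the point shown is that the identity decision rests on a value the client cannot mint or alter.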
In January 2009, an attacker was able to gain administrator access to a Twitter server because the server did not restrict the number of login attempts [REF-236]. The attacker targeted a member of Twitter's support team and was able to successfully guess the member's password using a brute force attack by guessing a large number of common words. After gaining access as the member of the support st…
CVE ID | Title | Product | CVSS | Severity | Published
("(AI)" reproduces the site's AI tag on that value; "-" means the field was empty on the page.)

CVE-2026-41070 | openvpn-auth-oauth2 returns FUNC_SUCCESS on client-deny, allowing unauthenticated VPN access | openvpn-auth-oauth2 | 10.0 | Critical | 2026-05-08
CVE-2026-41574 | Nhost Vulnerable to Account Takeover via OAuth Email Verification Bypass | nhost | - | - | 2026-05-08
CVE-2026-41671 | Admidio: OIDC Token Introspection Endpoint Returns Active for All Tokens Without Validation | admidio | 6.8 | Medium | 2026-05-07
CVE-2026-35579 | CoreDNS TSIG authentication bypass on gRPC, QUIC, DoH, and DoH3 transports | coredns | - | - | 2026-05-05
CVE-2026-27960 | OpenCTI privilege escalation and unauthenticated access via default admin account | opencti | 9.8 | Critical | 2026-05-05
CVE-2026-5722 | MoreConvert Pro <= 1.9.14 - Authentication Bypass via Waitlist Guest Verification Token Reuse | MoreConvert Pro | 9.8 | Critical | 2026-05-05
CVE-2026-41571 | Note Mark: OIDC-registered users authenticated by submitting password "null" | note-mark | 9.4 | Critical | 2026-05-04
CVE-2026-7722 | PrefectHQ prefect Health Check API health endswith improper authentication | prefect | 5.3 | Medium | 2026-05-04
CVE-2026-7710 | YunaiV yudao-cloud Ruoyi-Vue-Pro JwtAuthenticationTokenFilter.java doFilterInternal improper authentication | yudao-cloud | 7.3 | High | 2026-05-03
CVE-2026-7679 | YunaiV yudao-cloud OAuth2TokenServiceImpl.java getAccessToken improper authentication | yudao-cloud | 7.3 | High | 2026-05-03
CVE-2026-7630 | innocommerce InnoShop Installation Endpoint InstallServiceProvider.php boot improper authentication | InnoShop | 7.3 | High | 2026-05-02
CVE-2026-41081 | Apache Storm Client: Anonymous principal assigned on TLS client certificate verification failure | Apache Storm Client | 9.1 (AI) | Critical (AI) | 2026-04-27
CVE-2026-7112 | NousResearch hermes-agent API_SERVER_KEY api_server.py _check_auth improper authentication | hermes-agent | 5.6 | Medium | 2026-04-27
CVE-2026-7022 | SmythOS sre HTTP Header AgentRuntime.class.ts AgentRuntime improper authentication | sre | 7.3 | High | 2026-04-26
CVE-2026-41428 | Budibase: Authentication Bypass via Unanchored Regex in Public Endpoint Matcher — Unauthenticated Access to Protected Endpoints | budibase | 9.1 | Critical | 2026-04-24
CVE-2026-42041 | Axios: Authentication Bypass via Prototype Pollution Gadget in `validateStatus` Merge Strategy | axios | 4.8 | Medium | 2026-04-24
CVE-2026-41276 | Flowise: AccountService resetPassword Authentication Bypass Vulnerability | Flowise | 7.4 (AI) | High (AI) | 2026-04-23
CVE-2026-41679 | Paperclip Vulnerable to Unauthenticated Remote Code Execution via Import Authorization Bypass | paperclip | 10.0 | Critical | 2026-04-23
CVE-2026-41145 | MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads | minio | 8.8 (AI) | High (AI) | 2026-04-22
CVE-2026-40344 | MinIO has an Unauthenticated Object Write via Missing Signature Verification in Unsigned-Trailer Uploads | minio | 8.8 (AI) | High (AI) | 2026-04-22
CVE-2026-40946 | Oxia: OIDC token audience validation bypass via SkipClientIDCheck | oxia | 9.1 (AI) | Critical (AI) | 2026-04-21
CVE-2026-40910 | frp: Authentication bypass in frp HTTP vhost routing when routeByHTTPUser is used for access control | frp | 6.5 | Medium | 2026-04-21
CVE-2026-6729 | HKUDS OpenHarness Session Key Collision Privilege Escalation | OpenHarness | 6.3 | Medium | 2026-04-20
CVE-2026-33432 | Roxy-WI has Pre-Authentication LDAP Injection that Leads to Authentication Bypass | roxy-wi | 7.5 (AI) | High (AI) | 2026-04-20
CVE-2026-6635 | rowboatlabs rowboat tools_webhook app.py tool_call improper authentication | rowboat | 7.3 | High | 2026-04-20
CVE-2026-6569 | kodcloud KodExplorer fileGet Endpoint share.class.php improper authentication | KodExplorer | 7.3 | High | 2026-04-19
CVE-2025-46641 | Dell PowerProtect Data Domain (Dell PowerProtect DD) security vulnerability | PowerProtect Data Domain | 6.6 | Medium | 2026-04-17
CVE-2025-46607 | Dell PowerProtect Data Domain security vulnerability | PowerProtect Data Domain | 6.6 | Medium | 2026-04-17
CVE-2026-32072 | Active Directory Spoofing Vulnerability | Windows 10 Version 1607 | 6.2 | Medium | 2026-04-14
CVE-2026-23708 | Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise authorization issue vulnerability | FortiSOAR PaaS | 6.7 | High | 2026-04-14

Vulnerabilities classified as CWE-287 (Improper Authentication) account for 1199 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.