
CWE-287 (Improper Authentication) — Vulnerability Class · 1203

1203 vulnerabilities classified as CWE-287 (Improper Authentication). AI-generated Chinese analysis included.

CWE-287 is a critical authentication weakness in which a system fails to adequately verify that an actor is who it claims to be. Attackers exploit the insufficient verification to bypass security controls, typically by way of stolen credentials, brute-force guessing, or session hijacking. Once the authentication logic is bypassed, an attacker can impersonate a legitimate user, which can lead to serious data breaches and privilege escalation. Developers mitigate the risk by using robust authentication protocols, including multi-factor authentication, and by making identity verification rigorous and resistant to common attack vectors. Strictly validating credentials against securely hashed credential stores and adding adaptive security measures substantially reduce the likelihood of unauthorized access, protecting sensitive information and preserving system integrity against sophisticated threats.

MITRE CWE Description
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Common Consequences (1)
Scope: Integrity, Confidentiality, Availability, Access Control
Impact: Read Application Data; Gain Privileges or Assume Identity; Execute Unauthorized Code or Commands
This weakness can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers with sensitive information or even the ability to execute arbitrary code.
Mitigations (1)
Phase: Architecture and Design
Use an authentication framework or library such as the OWASP ESAPI Authentication feature.
Examples (2)
The following code intends to ensure that the user is already logged in. If not, the code performs authentication with the user-provided username and password. If successful, it sets the loggedin and user cookies to "remember" that the user has already logged in. Finally, the code performs administrator tasks if the logged-in user has the "Administrator" username, as recorded in the user cookie.
Bad · Perl

my $q = new CGI;

if ($q->cookie('loggedin') ne "true") {
    if (! AuthenticateUser($q->param('username'), $q->param('password'))) {
        ExitError("Error: you need to log in first");
    }
    else {
        # Set loggedin and user cookies.
        $q->cookie(
            -name  => 'loggedin',
            -value => 'true'
        );
        $q->cookie(
            -name  => 'user',
            -value => $q->param('username')
        );
    }
}

if ($q->cookie('user') eq "Administrator") {
    DoAdministratorTasks();
}

Attack

Because both cookies are client-controlled and are never tied to a server-side session, a request that simply supplies them skips the username and password check entirely:

GET /cgi-bin/vulnerable.cgi HTTP/1.1
Cookie: user=Administrator
Cookie: loggedin=true

[body of request]
In January 2009, an attacker was able to gain administrator access to a Twitter server because the server did not restrict the number of login attempts [REF-236]. The attacker targeted a member of Twitter's support team and was able to successfully guess the member's password using a brute force attack by guessing a large number of common words. After gaining access as the member of the support st…
| CVE ID | Title | Product | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-27422 | FACTION Allows Authentication Bypass via User Creation | faction | 7.5 | High | 2025-03-03 |
| CVE-2024-38426 | Improper Authentication in Modem | Snapdragon | 5.4 | Medium | 2025-03-03 |
| CVE-2025-1723 | Account takeover | ADSelfService Plus | 8.1 | High | 2025-03-03 |
| CVE-2025-27416 | Asking For Scratch Username And Password | Scratch-Coding-Hut.github.io | 9.8 | - | 2025-03-01 |
| CVE-2025-27414 | MinIO SFTP authentication bypass due to improperly trusted SSH key | minio | 7.4 | - | 2025-02-28 |
| CVE-2025-27112 | Navidrome has authentication bypass in Subsonic API with non-existent username | navidrome | 9.1 | - | 2025-02-24 |
| CVE-2024-5174 | Broken Authentication in Gliffy | Gliffy Online | 6.8 | - | 2025-02-24 |
| CVE-2025-1024 | Session Hijacking via Reflected Cross-Site Scripting (XSS) in ChurchCRM EditEventAttendees.php EID Parameter | ChurchCRM | 4.8 | - | 2025-02-19 |
| CVE-2025-24895 | SAML Response Signature Verification Bypass in CIE.AspNetCore.Authentication | cie-aspnetcore | 9.1 | Critical | 2025-02-18 |
| CVE-2025-24894 | SAML Response Signature Verification Bypass in SPID.AspNetCore.Authentication | spid-aspnetcore | 9.1 | Critical | 2025-02-18 |
| CVE-2025-0981 | Session Hijacking via Stored Cross-Site Scripting (XSS) in ChurchCRM GroupEditor.php Description Field | ChurchCRM | 4.8 | - | 2025-02-18 |
| CVE-2025-24904 | libsignal-service-rs doesn't sanity check plaintext envelopes are not sanity-checked | libsignal-service-rs | 8.5 | High | 2025-02-13 |
| CVE-2025-25201 | Improper Validation of Admin Key in PIV Smartcard | nitrokey-3-firmware | 4.0 | Medium | 2025-02-12 |
| CVE-2024-13528 | Customer Email Verification for WooCommerce <= 2.9.5 - Authentication Bypass via Shortcode | Customer Email Verification for WooCommerce | 7.5 | High | 2025-02-12 |
| CVE-2025-1044 | Logsign Unified SecOps Platform Authentication Bypass Vulnerability | Unified SecOps Platform | 9.8 | - | 2025-02-11 |
| CVE-2025-21349 | Windows Remote Desktop Configuration Service Tampering Vulnerability | Windows 10 Version 1507 | 6.8 | Medium | 2025-02-11 |
| CVE-2024-52968 | Fortinet FortiClient authorization issue vulnerability | FortiClientMac | 5.8 | Medium | 2025-02-11 |
| CVE-2025-1231 | Devolutions Server security vulnerability | Server | 8.8 | - | 2025-02-11 |
| CVE-2025-24032 | PAM-PKCS#11 vulnerable to authentication bypass with default value for `cert_policy` (`none`) | pam_pkcs11 | 8.1 | - | 2025-02-10 |
| CVE-2025-0890 | Zyxel VMG4325-B10A authorization issue vulnerability | VMG4325-B10A firmware | 9.8 | Critical | 2025-02-04 |
| CVE-2024-12510 | LDAP Authentication Server Pass-back attack | Versalink B400 | 6.7 | Medium | 2025-02-03 |
| CVE-2025-0637 | Inadequate access control in Beta10 | Beta10 | 9.8 | Critical | 2025-01-23 |
| CVE-2025-0604 | Keycloak-ldap-federation: authentication bypass due to missing ldap bind after password reset in keycloak | | 5.4 | Medium | 2025-01-22 |
| CVE-2024-36402 | Unauthenticated writes to the media repository allow planting of problematic content in Matrix Media Repo | matrix-media-repo | 5.3 | Medium | 2025-01-16 |
| CVE-2025-22146 | Improper authentication on SAML SSO process allows user impersonation in sentry | sentry | 9.1 | Critical | 2025-01-15 |
| CVE-2024-11322 | CyberPower PowerPanel Business Unauthenticated Restart DoS | PowerPanel Business | 7.5 | High | 2025-01-15 |
| CVE-2024-12919 | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.7 - Authentication Bypass via pms_payment_id | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | 9.8 | Critical | 2025-01-14 |
| CVE-2025-0070 | Improper Authentication in SAP NetWeaver ABAP Server and ABAP Platform | SAP NetWeaver Application Server for ABAP and ABAP Platform | 9.9 | Critical | 2025-01-14 |
| CVE-2024-42172 | HCL MyXalytics is affected by broken authentication | DRYiCE MyXalytics | 5.3 | Medium | 2025-01-11 |
| CVE-2024-9133 | A user with administrator privileges is able to retrieve authentication tokens | Arista Edge Threat Management | 6.6 | Medium | 2025-01-10 |

Vulnerabilities classified as CWE-287 (Improper Authentication) account for 1203 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.