
CWE-287 (Improper Authentication) — Vulnerability Class 1203

1203 vulnerabilities classified as CWE-287 (Improper Authentication). AI-generated Chinese analysis included.

CWE-287 is an authentication weakness in which a system fails to adequately verify that an actor really holds the identity it claims. The flaw lets attackers bypass access controls by exploiting the weak verification step, for example through stolen credentials, brute-force guessing, or session hijacking. When authentication logic is flawed, a malicious party can impersonate a legitimate user, which commonly leads to data breaches and privilege escalation. The usual mitigation is a robust, well-tested authentication framework (with multi-factor authentication where the risk warrants it) whose identity checks are rigorous and resistant to common attack patterns. Validating credentials only against securely hashed stores, binding the authenticated identity to a server-controlled session rather than to client-supplied values, and applying adaptive controls such as rate limiting and lockout substantially reduce the likelihood of unauthorized access and help preserve system integrity.

MITRE CWE Description
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Common Consequences (1)
Scope: Integrity, Confidentiality, Availability, Access Control
Impact: Read Application Data, Gain Privileges or Assume Identity, Execute Unauthorized Code or Commands
This weakness can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers with sensitive information or even the ability to execute arbitrary code.
Mitigations (1)
Architecture and Design: Use an authentication framework or library such as the OWASP ESAPI Authentication feature.
Examples (2)
The following code intends to ensure that the user is already logged in. If not, the code performs authentication with the user-provided username and password. If successful, it sets the loggedin and user cookies to "remember" that the user has already logged in. Finally, the code performs administrator tasks if the logged-in user has the "Administrator" username, as recorded in the user cookie.
    use CGI;

    my $q = new CGI;
    if ($q->cookie('loggedin') ne "true") {
        if (! AuthenticateUser($q->param('username'), $q->param('password'))) {
            ExitError("Error: you need to log in first");
        }
        else {
            # Set loggedin and user cookies.
            $q->cookie( -name => 'loggedin', -value => 'true' );
            $q->cookie( -name => 'user', -value => $q->param('username') );
        }
    }
    # The identity check reads a client-controlled cookie: the 'loggedin' and
    # 'user' values are never tied to the authentication that just happened,
    # so any request that presents both is treated as the Administrator.
    if ($q->cookie('user') eq "Administrator") {
        DoAdministratorTasks();
    }
Bad · Perl
    GET /cgi-bin/vulnerable.cgi HTTP/1.1
    Cookie: user=Administrator
    Cookie: loggedin=true

    [body of request]
Attack
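The Perl example trusts two client-controlled cookies as proof of identity. The following Python sketch is an added illustration, not part of the MITRE entry or of any product listed on this page: it reproduces the vulnerable lookup beside a corrected design in which the only thing the client holds is an opaque random session id, and the username is read from the server-side record that id maps to. The user table, passwords and cookie strings are constructed sample data; `authenticate_user`, `login` and the two `*_current_user` helpers are hypothetical names standing in for the page's `AuthenticateUser` and the cookie check.

```python
import hmac
import secrets
from http.cookies import SimpleCookie
from typing import Dict, Optional

# Constructed sample data standing in for the real user database. A production
# store would hold password hashes (e.g. PBKDF2/bcrypt), never plaintext.
USERS: Dict[str, str] = {"alice": "correct horse", "Administrator": "s3cret-admin"}

# Server-side session table: opaque session id -> authenticated username.
# The client never sees or chooses the username stored here.
SESSIONS: Dict[str, str] = {}


def authenticate_user(username: str, password: str) -> bool:
    """Stand-in for AuthenticateUser(); constant-time compare of the secret."""
    expected = USERS.get(username)
    if expected is None:
        return False
    return hmac.compare_digest(expected.encode(), password.encode())


def parse_cookies(cookie_header: str) -> Dict[str, str]:
    """Parse a 'Cookie:' header value such as 'user=Administrator; loggedin=true'."""
    jar = SimpleCookie()
    jar.load(cookie_header)
    return {name: morsel.value for name, morsel in jar.items()}


def vulnerable_current_user(cookie_header: str) -> Optional[str]:
    """Mirrors the Perl example: identity is whatever the client asserts."""
    cookies = parse_cookies(cookie_header)
    if cookies.get("loggedin") == "true":
        return cookies.get("user")  # attacker-controlled value
    return None


def login(username: str, password: str) -> Optional[str]:
    """Verify credentials, then mint an unguessable session id bound to the user."""
    if not authenticate_user(username, password):
        return None
    sid = secrets.token_urlsafe(32)  # 256 bits of randomness, URL/cookie safe
    SESSIONS[sid] = username
    return sid


def logout(sid: str) -> None:
    """Invalidate the session server-side; the cookie alone can no longer be used."""
    SESSIONS.pop(sid, None)


def hardened_current_user(cookie_header: str) -> Optional[str]:
    """Identity comes only from the server-side record the session id maps to."""
    cookies = parse_cookies(cookie_header)
    sid = cookies.get("sid")
    if sid is None:
        return None
    return SESSIONS.get(sid)  # unknown or forged id -> None, not a user


def is_admin(user: Optional[str]) -> bool:
    return user == "Administrator"


if __name__ == "__main__":
    forged = "user=Administrator; loggedin=true"  # the request from the page
    print("vulnerable:", vulnerable_current_user(forged))   # Administrator
    print("hardened:  ", hardened_current_user(forged))     # None
    sid = login("alice", "correct horse")
    print("alice's session resolves to:", hardened_current_user(f"sid={sid}"))
```

The forged request from the page yields `Administrator` from `vulnerable_current_user` and `None` from `hardened_current_user`; a guessed `sid` value is also rejected because the lookup is against a table the client cannot write to. In a real deployment the session cookie would additionally carry `Secure`, `HttpOnly` and `SameSite` attributes, and the session table would live in a shared store with an expiry.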
In January 2009, an attacker was able to gain administrator access to a Twitter server because the server did not restrict the number of login attempts [REF-236]. The attacker targeted a member of Twitter's support team and was able to successfully guess the member's password using a brute force attack by guessing a large number of common words. After gaining access as the member of the support st…
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-36266 | Siemens PowerSys Authorization Issue Vulnerability — PowerSys | 9.3 | Critical | 2024-06-11 |
| CVE-2024-5732 | Clash Proxy Port improper authentication — Clash | 7.3 | High | 2024-06-07 |
| CVE-2024-37152 | Unauthenticated Access to sensitive settings in Argo CD — argo-cd | 5.3 | Medium | 2024-06-06 |
| CVE-2023-51511 | WordPress Booster Elite for WooCommerce plugin < 7.1.3 - Authenticated Production Creation/Modification Vulnerability — Booster Elite for WooCommerce | 6.5 | Medium | 2024-06-04 |
| CVE-2023-48747 | WordPress Booster for WooCommerce plugin <= 7.1.2 - Authenticated Production Creation/Modification Vulnerability — Booster for WooCommerce | 6.5 | Medium | 2024-06-04 |
| CVE-2023-47189 | WordPress Defender Security plugin <= 4.2.0 - Masked Login Area View Bypass vulnerability — Defender Security | 5.3 | Medium | 2024-06-04 |
| CVE-2023-46630 | WordPress Admin and Site Enhancements (ASE) plugin <= 5.7.1 - Password Protected View Bypass vulnerability — Admin and Site Enhancements (ASE) | 7.5 | High | 2024-06-04 |
| CVE-2023-43551 | Improper Authentication in Multi-Mode Call Processor — Snapdragon | 9.1 | Critical | 2024-06-03 |
| CVE-2024-5201 | Dimensions RM - Privilege Escalation — Dimensions RM | 8.8 | High | 2024-05-23 |
| CVE-2024-5044 | Emlog Pro Cookie improper authentication — Emlog Pro | 3.7 | Low | 2024-05-17 |
| CVE-2023-41956 | WordPress Simple Membership plugin <= 4.3.4 - Authenticated Account Takeover vulnerability — Simple Membership | 8.8 | High | 2024-05-17 |
| CVE-2024-35184 | paperless-ngx's remote user auth via header works even when disabling it for API — paperless-ngx | 5.5 | Medium | 2024-05-15 |
| CVE-2024-3487 | Broken Authentication vulnerability in iManager — iManager | 3.5 | Low | 2024-05-15 |
| CVE-2024-34340 | Authentication Bypass when using older password hashes — cacti | 9.1 | Critical | 2024-05-13 |
| CVE-2024-4129 | Authentication bypass in Snow License Manager — Snow License Manager | 8.8 | High | 2024-05-10 |
| CVE-2024-4601 | Improper Authentication vulnerability in Socomec Net Vision — Net vision | 6.7 | Medium | 2024-05-07 |
| CVE-2023-38096 | NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass Vulnerability — ProSAFE Network Management System | 9.8 | - | 2024-05-03 |
| CVE-2024-4303 | ArmorX Android APP - MFA Bypass — ArmorX APP | 8.8 | High | 2024-04-29 |
| CVE-2023-6787 | Keycloak: session hijacking via re-authentication | 6.5 | Medium | 2024-04-25 |
| CVE-2023-3597 | Keycloak: secondary factor bypass in step-up authentication | 5.0 | Medium | 2024-04-25 |
| CVE-2023-51484 | WordPress Login as User or Customer plugin <= 3.8 - Unauthenticated Account Takeover vulnerability — Login as User or Customer (User Switching) | 9.8 | Critical | 2024-04-25 |
| CVE-2023-51482 | WordPress Eazy Plugin Manager plugin <= 4.1.2 - Auth. Arbitrary Options Update lead to RCE vulnerability — Eazy Plugin Manager | 9.9 | Critical | 2024-04-25 |
| CVE-2023-51478 | WordPress Build App Online plugin <= 1.0.19 - Unauthenticated Account Takeover vulnerability — Build App Online | 9.8 | Critical | 2024-04-25 |
| CVE-2023-51477 | WordPress BuddyBoss Theme theme <= 2.4.60 - Unauth. Arbitrary WordPress Settings Change vulnerability — BuddyBoss Theme | 9.8 | Critical | 2024-04-24 |
| CVE-2023-51472 | WordPress Checkout Mestres WP plugin <= 7.1.9.7 - Unauthenticated Account Takeover vulnerability — Checkout Mestres WP | 9.8 | Critical | 2024-04-24 |
| CVE-2023-51471 | WordPress Checkout Mestres WP plugin <= 7.1.9.7 - Unauthenticated Arbitrary Options Update vulnerability — Checkout Mestres WP | 8.2 | High | 2024-04-24 |
| CVE-2023-51405 | WordPress BookingPress plugin <= 1.0.74 - Booking Price Manipulation vulnerability — BookingPress | 8.2 | High | 2024-04-24 |
| CVE-2023-47504 | WordPress Elementor plugin <= 3.16.4 - Auth. Arbitrary Attachment Read vulnerability — Elementor Website Builder | 6.5 | Medium | 2024-04-24 |
| CVE-2023-25790 | WordPress WoodMart theme <= 7.0.4 - Unauth Arbitrary Shortcodes Injection — WoodMart | 5.3 | Medium | 2024-04-24 |
| CVE-2024-2112 | Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder <= 1.15.22 - Sensitive Information Exposure — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder | 5.9 | Medium | 2024-04-09 |

Vulnerabilities classified as CWE-287 (Improper Authentication) account for 1203 CVEs. The CWE taxonomy describes the weakness class; review the individual CVEs for product-specific impact.