
CWE-287 (Improper Authentication) — Vulnerability Class 1203

1203 vulnerabilities are classified as CWE-287 (Improper Authentication). AI-generated Chinese analysis is included.

CWE-287 is a critical authentication weakness: the system fails to adequately verify that an actor is who it claims to be. Such a flaw typically lets attackers bypass security controls by exploiting the insufficient verification, gaining unauthorized access through stolen credentials, brute-force guessing, or session hijacking. When authentication logic is flawed, a malicious party can impersonate a legitimate user, which can lead to data breaches and privilege escalation. Developers mitigate the risk by using robust, multi-factor authentication protocols and by making identity verification rigorous and resistant to common attack vectors. Strictly validating credentials against securely hashed stores and applying adaptive security measures significantly reduces the likelihood of unauthorized access, protecting sensitive information and preserving system integrity.

MITRE CWE Description
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Common Consequences (1)
Scope: Integrity, Confidentiality, Availability, Access Control
Impact: Read Application Data; Gain Privileges or Assume Identity; Execute Unauthorized Code or Commands
This weakness can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers with sensitive information or even allowing them to execute arbitrary code.

Mitigations (1)
Architecture and Design: Use an authentication framework or library such as the OWASP ESAPI Authentication feature.
Examples (2)
The following code intends to ensure that the user is already logged in. If not, the code performs authentication with the user-provided username and password. If successful, it sets the loggedin and user cookies to "remember" that the user has already logged in. Finally, the code performs administrator tasks if the logged-in user has the "Administrator" username, as recorded in the user cookie.
    my $q = new CGI;

    if ($q->cookie('loggedin') ne "true") {
        if (! AuthenticateUser($q->param('username'), $q->param('password'))) {
            ExitError("Error: you need to log in first");
        }
        else {
            # Set loggedin and user cookies.
            $q->cookie(
                -name => 'loggedin',
                -value => 'true'
            );
            $q->cookie(
                -name => 'user',
                -value => $q->param('username')
            );
        }
    }

    if ($q->cookie('user') eq "Administrator") {
        DoAdministratorTasks();
    }

Bad · Perl

Both cookies are supplied by the client, so a request that sets them directly reaches DoAdministratorTasks() without any username or password ever being checked:

    GET /cgi-bin/vulnerable.cgi HTTP/1.1
    Cookie: user=Administrator
    Cookie: loggedin=true

    [body of request]

Attack
In January 2009, an attacker was able to gain administrator access to a Twitter server because the server did not restrict the number of login attempts [REF-236]. The attacker targeted a member of Twitter's support team and was able to successfully guess the member's password using a brute force attack by guessing a large number of common words. After gaining access as the member of the support st…
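The two failure modes above (trusting a client-controlled `user` cookie, and accepting unlimited password guesses) with one defensive pattern for each, as an added Python example that is not part of the CWE entry or of any product listed here; the user store, server secret, salts and lockout threshold are constructed for the demo.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple

# Constructed for the demo: a real deployment loads the key from a secret
# store and keeps per-user salted hashes in a database.
SERVER_SECRET = secrets.token_bytes(32)
MAX_ATTEMPTS = 5


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


_alice_salt = secrets.token_bytes(16)
USERS: Dict[str, Tuple[bytes, bytes]] = {
    "alice": (_alice_salt, _hash_password("correct horse", _alice_salt))
}
_failed_attempts: Dict[str, int] = {}


def authenticate(username: str, password: str) -> bool:
    """True only if the password verifies and the account is not locked out."""
    if _failed_attempts.get(username, 0) >= MAX_ATTEMPTS:
        return False  # lockout: the missing control in the Twitter incident
    record = USERS.get(username)
    ok = record is not None and hmac.compare_digest(
        record[1], _hash_password(password, record[0])
    )
    if ok:
        _failed_attempts.pop(username, None)
    else:
        _failed_attempts[username] = _failed_attempts.get(username, 0) + 1
    return ok


def issue_session_cookie(username: str) -> str:
    """Bind the username to a server-keyed HMAC so the client cannot rewrite it."""
    tag = hmac.new(SERVER_SECRET, username.encode(), "sha256").hexdigest()
    return f"{username}.{tag}"


def user_from_cookie(cookie: Optional[str]) -> Optional[str]:
    """Return the username only when its tag verifies; a bare or re-labelled
    'user=Administrator' value yields None instead of a trusted identity."""
    if not cookie or "." not in cookie:
        return None
    username, tag = cookie.rsplit(".", 1)
    expected = hmac.new(SERVER_SECRET, username.encode(), "sha256").hexdigest()
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return None
    return username
```

Per-username lockout can itself be abused to lock legitimate users out, so production systems pair it with per-source rate limiting and an unlock path; the locked account here stays locked until such a reset.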
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2021-25424 | Tizen bluetooth-frwk Authorization Issue Vulnerability | Tizen wearable devices | 8.3 | - | 2021-06-11
CVE-2021-23847 | Unauthenticated Information Extraction Vulnerability | CPP Firmware | 9.8 | Critical | 2021-06-09
CVE-2020-14380 | Red Hat Satellite Authorization Issue Vulnerability | Red Hat Satellite | 7.5 | - | 2021-06-02
CVE-2021-3424 | Red Hat Single Sign-On 7 Security Vulnerability | keycloak | 4.3 | - | 2021-06-01
CVE-2021-32646 | Escalation of permissions in roomer | Dav-Cogs | 5.3 | Medium | 2021-05-28
CVE-2021-32637 | Authentication bypassed with malformed request URI | authelia | 10.0 | Critical | 2021-05-28
CVE-2021-32543 | SysJust CTS Web - Broken Authentication | CTS Web | 6.5 | Medium | 2021-05-28
CVE-2020-10709 | Red Hat Ansible Code Issue Vulnerability | Tower | 7.1 | - | 2021-05-27
CVE-2018-16496 | Versa Networks Versa Director Authorization Issue Vulnerability | Versa Director | 5.3 | - | 2021-05-26
CVE-2002-2438 | TCP Authorization Issue Vulnerability | kernel | 7.5 | - | 2021-05-18
CVE-2021-27651 | PEGA pega infinity Authorization Issue Vulnerability | Pega Infinity | 7.8 | - | 2021-04-29
CVE-2021-22893 | Pulse Secure Pulse Connect Secure Resource Management Error Vulnerability | Pulse Connect Secure | 10.0 | - | 2021-04-23
CVE-2020-7856 | Helpcom Authorization Issue Vulnerability | Helpcom | 7.5 | High | 2021-04-20
CVE-2021-20288 | Red Hat Ceph Authorization Issue Vulnerability | ceph | 9.8 | - | 2021-04-15
CVE-2021-20020 | SonicWall Global Management System Authorization Issue Vulnerability | Global Management System (GMS) | 9.8 | - | 2021-04-10
CVE-2021-25377 | Samsung Experience Service Authorization Issue Vulnerability | Samsung Experience Service | 3.3 | Low | 2021-04-09
CVE-2021-28174 | Mitake Smart Stock Selection System - Broken Authentication | Mitake Smart Stock Selection System | 6.5 | Medium | 2021-04-08
CVE-2021-24175 | The Plus Addons for Elementor Page Builder < 4.1.7 - Authentication Bypass | The Plus Addons for Elementor Page Builder | 9.8 | - | 2021-04-05
CVE-2021-25368 | Samsung Cloud Authorization Issue Vulnerability | Samsung Cloud | 3.3 | Low | 2021-03-25
CVE-2021-24148 | MStore API < 3.2.0 - Authentication Bypass With Sign In With Apple | MStore API | 7.5 | - | 2021-03-18
CVE-2021-21378 | JWT authentication bypass with unknown issuer token | envoy | 8.2 | High | 2021-03-11
CVE-2020-27838 | Red Hat Keycloak Authorization Issue Vulnerability | keycloak | 4.3 | - | 2021-03-08
CVE-2021-21335 | Basic Authentication can be bypassed using a malformed username | spnego-http-auth-nginx-module | 5.3 | Medium | 2021-03-08
CVE-2021-21329 | Multi Factor Authentication Token Improperly Validated On User Login | core | 8.7 | High | 2021-03-08
CVE-2020-5148 | SonicWall SSO-agent Authorization Issue Vulnerability | Directory Services Connector | 9.8 | - | 2021-03-05
CVE-2021-25347 | Samsung Email application Authorization Issue Vulnerability | Samsung Mobile Devices | 5.3 | Medium | 2021-03-04
CVE-2021-25343 | Samsung mobile devices Authorization Issue Vulnerability | Samsung Members | 4.0 | Medium | 2021-03-04
CVE-2021-25342 | Samsung mobile devices Authorization Issue Vulnerability | SMP sdk | 4.0 | Medium | 2021-03-04
CVE-2021-25341 | S Assistant Authorization Issue Vulnerability | S Assistant | 4.0 | Medium | 2021-03-04
CVE-2021-25315 | salt-api unauthenticated remote code execution | SUSE Linux Enterprise Server 15 SP 3 | 9.8 | Critical | 2021-03-03

Vulnerabilities classified as CWE-287 (Improper Authentication) number 1203 CVEs in total. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.