Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-306 (关键功能的认证机制缺失) — Vulnerability Class 1119

1119 vulnerabilities classified as CWE-306 (关键功能的认证机制缺失). AI Chinese analysis included.

CWE-306 represents a critical authentication weakness where software fails to verify user identity before executing sensitive operations or consuming substantial resources. Attackers typically exploit this vulnerability by directly invoking administrative endpoints, initiating high-cost processes, or accessing restricted data without valid credentials, effectively bypassing security controls. This oversight allows unauthorized users to perform actions intended only for authenticated individuals, leading to privilege escalation, data breaches, or denial of service through resource exhaustion. To mitigate this risk, developers must implement robust access control mechanisms that strictly enforce authentication checks on all critical functions. This involves integrating secure session management, validating tokens for every request, and applying the principle of least privilege to ensure that only verified users with appropriate permissions can trigger sensitive operations or consume significant system resources.

MITRE CWE Description
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Common Consequences (1)
Access Control, OtherGain Privileges or Assume Identity, Varies by Context
Exposing critical functionality essentially provides an attacker with the privilege level of that functionality. The consequences will depend on the associated functionality, but they can range from reading or modifying sensitive data, accessing administrative or other privileged functionality, or p…
Mitigations (5)
Architecture and DesignDivide the software into anonymous, normal, privileged, and administrative areas. Identify which of these areas require a proven user identity, and use a centralized authentication capability. Identify all potential communication channels, or other means of interaction with the software, to ensure that all channels are appropriately protected, including those channels that are assumed to be access…
Architecture and DesignFor any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.
Architecture and DesignWhere possible, avoid implementing custom, "grow-your-own" authentication routines and consider using authentication capabilities as provided by the surrounding framework, operating system, or environment. These capabilities may avoid common weaknesses that are unique to authentication; support automatic auditing and tracking; and make it easier to provide a clear separation between authentication…
Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid. For example, consider using libraries with authentication capabilities such as OpenSSL or the ESAPI Authenticator [REF-45].
Implementation, System Configuration, OperationWhen storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to require strong authentication for users who should be allowed to access the data [REF-1297] [REF-1298] [REF-1302].
Examples (2)
In the following Java example the method createBankAccount is used to create a BankAccount object for a bank management application.
public BankAccount createBankAccount(String accountNumber, String accountType, String accountName, String accountSSN, double balance) { BankAccount account = new BankAccount(); account.setAccountNumber(accountNumber); account.setAccountType(accountType); account.setAccountOwnerName(accountName); account.setAccountOwnerSSN(accountSSN); account.setBalance(balance); return account; }
Bad · Java
private boolean isUserAuthentic = false; // authenticate user, // if user is authenticated then set variable to true // otherwise set variable to false public boolean authenticateUser(String username, String password) { ... } public BankAccount createNewBankAccount(String accountNumber, String accountType, String accountName, String accountSSN, double balance) { BankAccount account = null; if (isUserAuthentic) { account = new BankAccount(); account.setAccountNumber(accountNumber); account.setAccountType(accountType); account.setAccountOwnerName(accountName); account.setAccountOwnerSSN(accountS
Good · Java
In 2022, the OT:ICEFALL study examined products by 10 different Operational Technology (OT) vendors. The researchers reported 56 vulnerabilities and said that the products were "insecure by design" [REF-1283]. If exploited, these vulnerabilities often allowed adversaries to change how the products operated, ranging from denial of service to changing the code that the products executed. Since these…
CVE IDTitleCVSSSeverityPublished
CVE-2020-12017 多款GE产品访问控制错误漏洞 — GE Grid Solutions Reason RT Clocks 9.8 -2020-06-02
CVE-2019-5620 ABB MicroSCADA Pro SYS600 Missing Authentication for Critical Function — MicroSCADA Pro SYS600 9.8 -2020-04-29
CVE-2020-10625 Advantech WebAccess/NMS 访问控制错误漏洞 — WebAccess/NMS 9.8 -2020-04-09
CVE-2020-10265 RVD#1443: UR dashboard server enables unauthenticated remote control of core robot functions — Universal Robots Robot Controllers CB 2, CB3, e-series 9.8 -2020-04-06
CVE-2020-7479 Schneider Electric Interactive Graphical SCADA System 访问控制错误漏洞 — IGSS (Interactive Graphical SCADA System) (IGSS Version prior to 14.0.0.20009) 7.8 -2020-03-23
CVE-2020-5328 Dell EMC Isilon OneFS 访问控制错误漏洞 — Isilon OneFS 9.8 Critical2020-03-06
CVE-2020-5326 Dell Client platforms 访问控制错误漏洞 — Dell Client Consumer and Commercial Platforms 6.1 Medium2020-02-21
CVE-2020-6769 Missing Authentication for Critical Function in Bosch Video Streaming Gateway — DIVAR IP 2000 10.0 Critical2020-02-07
CVE-2019-16003 Cisco UCS Director Information Disclosure Vulnerability — Cisco UCS Director 5.3 -2020-01-26
CVE-2020-6964 多款GE产品访问控制错误漏洞 — GE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors 10.0 -2020-01-24
CVE-2019-13933 Siemens Scalance X-200系列和Scalance X-300系列访问控制错误漏洞 — SCALANCE X204RNA (HSR) 7.5 -2020-01-16
CVE-2019-18572 Dell RSA Identity Governance and Lifecycle和RSA Via Lifecycle and Governance 授权问题漏洞 — RSA Identity Governance & Lifecycle 9.8 -2019-12-18
CVE-2019-5152 Shadowsocks-libev 访问控制错误漏洞 — Shadowsocks 5.9 -2019-12-18
CVE-2019-18339 Siemens SiNVR 3 Central Control Server 访问控制错误漏洞 — SiNVR/SiVMS Video Server 9.8 Critical2019-12-12
CVE-2019-5164 Shadowsocks-libev 访问控制错误漏洞 — Shadowsocks 7.8 -2019-12-03
CVE-2019-5163 Shadowsocks-libev 访问控制错误漏洞 — Shadowsocks 7.5 -2019-12-03
CVE-2019-18230 Honeywell equIP系列和Performance系列IP摄像头访问控制错误漏洞 — Honeywell equIP & Performance series IP cameras 7.5 -2019-10-31
CVE-2019-3978 MikroTik RouterOS 访问控制错误漏洞 — MikroTik RouterOS 7.5 -2019-10-28
CVE-2019-13525 Honeywell IP-AK2 访问控制错误漏洞 — Honeywell IP-AK2 5.3 -2019-10-25
CVE-2019-13549 Rittal Chiller SK 3232-Series 访问控制错误漏洞 — Rittal Chiller SK 3232-Series 7.5 -2019-10-25
CVE-2019-15282 Cisco Identity Services Engine Information Disclosure Vulnerability — Cisco Identity Services Engine Software 5.3 -2019-10-16
CVE-2019-1895 Cisco Enterprise NFV Infrastructure Software VNC Authentication Bypass Vulnerability — Cisco Enterprise NFV Infrastructure Software 9.8 -2019-08-07
CVE-2015-7559 Apache ActiveMQ 输入验证错误漏洞 — ActiveMQ 4.9 -2019-08-01
CVE-2019-10915 Siemens TIA Administrator 访问控制错误漏洞 — TIA Administrator 7.8 -2019-07-11
CVE-2019-1876 Cisco Wide Area Application Services Software HTTPS Proxy Authentication Bypass Vulnerability — Cisco Wide Area Application Services (WAAS) 5.3 -2019-06-20
CVE-2019-1631 Cisco Integrated Management Controller Information Disclosure Vulnerability — Cisco Unified Computing System (Management Software) 5.3 -2019-06-20
CVE-2019-1629 Cisco Integrated Management Controller Arbitrary File Write Vulnerability — Cisco Unified Computing System (Management Software) 7.5 -2019-06-20
CVE-2017-15123 Red Hat CloudForms 访问控制错误漏洞 — CloudForms 7.5 -2019-06-12
CVE-2019-6820 多款Schneider Electric产品访问控制错误漏洞 — Modicon and PacDrive Controller, All versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC drive controller, Modicon M241, Modicon M251, Modicon M258, Modicon LMC058, Modicon LMC078, PacDrive Eco ,PacDrive Pro, PacDrive Pro2 8.2 -2019-05-22
CVE-2019-10919 Siemens LOGO!8 BM 访问控制错误漏洞 — LOGO! 8 BM (incl. SIPLUS variants) 9.8 -2019-05-14

Vulnerabilities classified as CWE-306 (关键功能的认证机制缺失) represent 1119 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.