Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19411

19411 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2017-12233 Cisco IOS 输入验证漏洞 — Cisco IOSCWE-20 7.5 -2017-09-28
CVE-2017-12234 Cisco IOS 输入验证漏洞 — Cisco IOSCWE-20 7.5 -2017-09-28
CVE-2017-12235 Cisco IOS 输入验证漏洞 — Cisco IOSCWE-20 7.5 -2017-09-28
CVE-2017-12236 Cisco IOS XE 授权问题漏洞 — Cisco IOS XECWE-287 9.8 -2017-09-28
CVE-2017-12237 Cisco IOS和IOS XE Internet Key Exchange模块资源管理错误漏洞 — Cisco IOS and IOS XECWE-399 7.5 -2017-09-28
CVE-2017-12238 Cisco Catalyst 6800 Series Switches 资源管理错误漏洞 — Cisco IOSCWE-399 6.5 -2017-09-28
CVE-2017-12239 Cisco ASR 1000 Series Aggregation Services Routers和Cisco cBR-8 Converged Broadband Routers IOS XE 权限许可和访问控制问题漏洞 — Cisco IOS XECWE-264 7.6 -2017-09-28
CVE-2017-12240 Cisco IOS和IOS XE Software DHCP relay子系统缓冲区错误漏洞 — Cisco IOS and IOS XECWE-20 9.8 -2017-09-28
CVE-2017-10932 ZTE Microwave NR8000系列产品安全漏洞 — NR8000 Series 9.8 -2017-09-27
CVE-2017-14743 Faleemi FSC-880 SQL注入漏洞 — n/a 8.1 -2017-09-26
CVE-2017-7973 Schneider Electric U.motion Builder软件SQL注入漏洞 — U.Motion 9.8 -2017-09-25
CVE-2017-7974 Schneider Electric U.motion Builder软件路径遍历漏洞 — U.Motion 9.8 -2017-09-25
CVE-2017-9959 Schneider Electric U.motion Builder 安全漏洞 — n/a 7.5 -2017-09-25
CVE-2017-9960 Schneider Electric U.motion Builder 信息泄露漏洞 — U.Motion 5.3 -2017-09-25
CVE-2017-14705 多款DenyAll产品安全漏洞 — n/a 8.1 -2017-09-22
CVE-2017-14706 多款DenyAll产品授权问题漏洞 — n/a 9.1 -2017-09-22
CVE-2017-14652 Tapatalk plugin for MyBB SQL注入漏洞 — n/a 9.8 -2017-09-21
CVE-2017-12930 TecnoVISION DLX Spot Player4 SQL注入漏洞 — n/a 9.8 -2017-09-21
CVE-2017-12215 Cisco Email Security Appliance AsyncOS Software 安全漏洞 — Cisco Email Security ApplianceCWE-20 8.6 -2017-09-21
CVE-2017-12219 Cisco Small Business SPA300、SPA500和SPA51x系列IP电话安全漏洞 — Cisco Small Business SPA300, SPA500, and SPA51x Series IP PhonesCWE-399 7.5 -2017-09-21
CVE-2017-12248 Cisco Unified Intelligence Center Software 跨站脚本漏洞 — Cisco Unified Intelligence CenterCWE-79 6.1 -2017-09-21
CVE-2017-12250 Cisco Wide Area Application Services 安全漏洞 — Cisco Wide Area Application ServicesCWE-399 5.3 -2017-09-21
CVE-2017-12253 Cisco Unified Intelligence Center 跨站请求伪造漏洞 — Cisco Unified Intelligence CenterCWE-352 8.8 -2017-09-21
CVE-2017-12254 Cisco Unified Intelligence Center 跨站脚本漏洞 — Cisco Unified Intelligence CenterCWE-79 6.1 -2017-09-21
CVE-2017-14623 go-ldap ldap 信任管理问题漏洞 — n/a 8.1 -2017-09-20
CVE-2017-7924 多款Rockwell Automation产品输入验证漏洞 — Rockwell Automation MicroLogix 1100 ControllersCWE-20 7.5 -2017-09-20
CVE-2017-9798 Apache HTTP Server 资源管理错误漏洞 — Apache HTTP Server 7.5 -2017-09-18
CVE-2017-14510 SugarCRM 跨站脚本漏洞 — n/a 6.1 -2017-09-17
CVE-2017-1002100 Google Kubernetes 安全漏洞 — Kubernetes 6.5 -2017-09-14
CVE-2017-12249 Cisco Meeting Server Traversal Using Relay NAT服务器安全漏洞 — Cisco Meeting ServerCWE-16 9.9 -2017-09-13

Vulnerabilities classified as access:pre-auth represent 19411 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.