Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19411

19411 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2017-14423 D-Link DIR-850L REV. A 安全漏洞 — n/a 7.5 -2017-09-13
CVE-2017-14429 D-Link DIR-850L REV.A和REV.B DHCP客户端安全漏洞 — n/a 9.8 -2017-09-13
CVE-2017-14337 MISP 安全漏洞 — n/a 8.1 -2017-09-12
CVE-2017-12212 Cisco Unity Connection 跨站脚本漏洞 — Cisco Unity ConnectionCWE-79 6.1 -2017-09-07
CVE-2017-12213 Cisco Catalyst 4000 Series Switches IOS XE Software 安全漏洞 — Cisco Catalyst 4000 Series SwitchesCWE-287 6.5 -2017-09-07
CVE-2017-12216 Cisco SocialMiner 安全漏洞 — Cisco SocialMinerCWE-200 8.8 -2017-09-07
CVE-2017-12217 Cisco ASR 5500 System Architecture Evolution Gateways 安全漏洞 — Cisco ASR 5500 System Architecture Evolution GatewayCWE-20 5.3 -2017-09-07
CVE-2017-12218 Cisco Email Security Appliances Advanced Malware Protection 安全漏洞 — Cisco Email Security ApplianceCWE-20 5.8 -2017-09-07
CVE-2017-12220 Cisco Firepower Management Center 跨站脚本漏洞 — Cisco Firepower Management CenterCWE-79 6.1 -2017-09-07
CVE-2017-12223 Cisco IR800 Integrated Services Router Software 输入验证漏洞 — Cisco IR800 Integrated Services RouterCWE-20 6.4 -2017-09-07
CVE-2017-6627 Cisco IOS和IOS XE 安全漏洞 — Cisco IOS and Cisco IOS XECWE-399 7.5 -2017-09-07
CVE-2017-6631 Cisco YesMaxTotal、YesMax HD和YesQuattro STB 安全漏洞 — Cisco Yes Set-Top BoxCWE-399 7.5 -2017-09-07
CVE-2017-6780 Cisco IoT Field Network Director 资源管理错误漏洞 — Cisco IoT Field Network DirectorCWE-399 7.5 -2017-09-07
CVE-2017-6789 Cisco Unified Intelligence Center 跨站脚本漏洞 — Cisco Unified Intelligence CenterCWE-79 6.1 -2017-09-07
CVE-2017-6791 Cisco Unified Communications Manager 安全漏洞 — Cisco Unified Communications ManagerCWE-119 7.5 -2017-09-07
CVE-2017-14117 Arris NVG589和NVG599 AT&T U-verse 安全漏洞 — n/a 5.9 -2017-09-03
CVE-2017-12786 NoviFlow NoviWare和NoviSwitch设备缓冲区错误漏洞 — n/a 9.8 -2017-08-22
CVE-2017-12787 NoviFlow NoviWare和NoviSwitch设备安全漏洞 — n/a 9.8 -2017-08-22
CVE-2017-5187 Micro Focus Enterprise Developer和Enterprise Server Directory Server 跨站请求伪造漏洞 — Micro Focus Enterprise Developer, Micro Focus Enterprise ServerCWE-352 8.8 -2017-08-21
CVE-2017-7420 Micro Focus Enterprise Developer和Enterprise Server ESMAC 权限许可和访问控制漏洞 — Micro Focus Enterprise Developer, Micro Focus Enterprise ServerCWE-287 9.1 -2017-08-21
CVE-2017-7423 Micro Focus Enterprise Developer和Enterprise Server 跨站请求伪造漏洞 — Micro Focus Enterprise Developer, Micro Focus Enterprise ServerCWE-352 8.1 -2017-08-21
CVE-2017-6771 Cisco Ultra Services Framework AutoVNF automation工具信息泄露漏洞 — Ultra Services Framework 5.3 -2017-08-17
CVE-2017-6776 Cisco Elastic Services Controller 跨站脚本漏洞 — Elastic Services Controller 6.1 -2017-08-17
CVE-2017-6784 Cisco RV340、RV345和RV345P Dual WAN Gigabit VPN Routers 信息泄露漏洞 — RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers 5.3 -2017-08-17
CVE-2017-6788 Cisco AnyConnect Secure Mobility Client Software 跨站脚本漏洞 — AnyConnect WebLaunch 6.1 -2017-08-17
CVE-2017-6790 Cisco TelePresence Video Communication Server 安全漏洞 — TelePresence Video Communication Server (VCS) 5.9 -2017-08-17
CVE-2017-10005 Oracle FLEXCUBE Private Banking 安全漏洞 — FLEXCUBE Private Banking 6.1 -2017-08-08
CVE-2017-10013 Oracle Sun ZFS Storage Appliance Kit 安全漏洞 — Sun ZFS Storage Appliance Kit (AK) Software 8.3 -2017-08-08
CVE-2017-10016 Oracle Sun Systems Products Suite Sun ZFS Storage Appliance Kit 安全漏洞 — Sun ZFS Storage Appliance Kit (AK) Software 7.5 -2017-08-08
CVE-2017-10017 Oracle PeopleSoft Enterprise PeopleTools 安全漏洞 — PeopleSoft Enterprise PT PeopleTools 6.1 -2017-08-08

Vulnerabilities classified as access:pre-auth represent 19411 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.