Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 19065

19065 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

The tag "access:pre-auth" identifies vulnerabilities that allow unauthenticated attackers to gain unauthorized access to a system, application, or network resource before legitimate credentials are verified. This classification is critical because it represents the lowest barrier to entry for exploitation, enabling remote code execution, data exfiltration, or full system compromise without prior authentication. Typical scenarios involve flaws in authentication mechanisms, such as broken access controls, insecure direct object references, or logic errors in session management that bypass login requirements. Attackers frequently target these weaknesses via exposed APIs, administrative interfaces, or default configurations. Because no user interaction or valid credentials are needed, pre-authentication flaws are among the most severe and widely exploited security issues, often leading to immediate breach of confidentiality, integrity, and availability across affected infrastructure.

CVE IDTitleCVSSSeverityPublished
CVE-2017-3804 Cisco Nexus 5000、6000和7000 Series Switches 资源管理错误漏洞 — Cisco Nexus 5000, 6000, 7000 6.1 -2017-01-26
CVE-2017-3805 Cisco IOS Software和IOx Software 信息泄露漏洞 — Cisco IOS and Cisco IOx 7.5 -2017-01-26
CVE-2017-5182 Micro Focus OES Remote Manager存在路径遍历漏洞 — Open Enterprise Server 7.5 -2017-01-23
CVE-2017-5574 MetalGenix GeniXCMS SQL注入漏洞 — n/a 9.8 -2017-01-23
CVE-2016-10140 ZoneMinder 安全漏洞 — n/a 7.5 -2017-01-13
CVE-2016-8398 Android Qualcomm组件安全漏洞 — Android 9.8 -2017-01-12
CVE-2016-6820 NetApp MetroCluster Tiebreaker for clustered Data ONTAP 安全漏洞 — n/a 7.5 -2017-01-11
CVE-2015-4591 EClinicalWorks Population Health Client Portal 跨站脚本漏洞 — n/a 6.1 -2017-01-10
CVE-2016-9885 Pivotal Software GemFire for PCF 安全漏洞 — GemFire for PCF 1.6.x versions prior to 1.6.5 and 1.7.x versions prior to 1.7.1 9.8 -2017-01-06
CVE-2016-10107 Western Digital MyCloud NAS 命令注入漏洞 — n/a 9.8 -2017-01-03
CVE-2016-10108 Western Digital MyCloud NAS 命令注入漏洞 — n/a 9.8 -2017-01-03
CVE-2016-9217 Cisco Intercloud Fabric for Business和Intercloud Fabric for Providers 安全漏洞 — Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers 7.3(0)ZN(0.99) 8.2 -2016-12-26
CVE-2016-9223 Cisco CloudCenter Orchestrator Docker Engine 权限许可和访问控制漏洞 — Cisco CloudCenter Orchestrator 9.8 -2016-12-26
CVE-2016-9224 Cisco Jabber Guest Server 安全漏洞 — Cisco Jabber Guest Server 10.6(9) 6.5 -2016-12-26
CVE-2016-6848 Open-Xchange OX App Suite 安全漏洞 — n/a 8.4 -2016-12-15
CVE-2016-1411 Cisco AsyncOS Software 安全漏洞 — Cisco AsyncOS 5.9 -2016-12-14
CVE-2016-6464 Cisco Unified Communications Manager IM和Presence Service 信息泄露漏洞 — Cisco Unified Communications Manager 5.3 -2016-12-14
CVE-2016-6465 Cisco AsyncOS for Cisco Email Security Appliances 安全绕过漏洞 — Cisco AsyncOS--2016-12-14
CVE-2016-6467 Cisco ASR 5000 Series Aggregation Services Routers拒绝服务漏洞 — Cisco Aggregation Services Router (ASR) 5000 Series Switch 7.5 -2016-12-14
CVE-2016-6468 Cisco Emergency Responder 跨站请求伪造漏洞 — Cisco Emergency Responder 8.8 -2016-12-14
CVE-2016-6469 Cisco AsyncOS for Cisco Web Security Appliance 拒绝服务漏洞 — Cisco Web Security Appliance (WSA) 7.5 -2016-12-14
CVE-2016-6473 Cisco IOS Frame Forwarding 拒绝服务漏洞 — Cisco IOS 6.5 -2016-12-14
CVE-2016-6474 Cisco IOS和IOS XE Software 身份验证绕过漏洞 — Cisco IOS 7.7 -2016-12-14
CVE-2016-9193 Cisco Firepower Management Center和Cisco FireSIGHT System Software Malicious Software 安全漏洞 — Cisco FireSIGHT 7.5 -2016-12-14
CVE-2016-9198 Cisco Identity Services Engine Active Directory Integration Component 拒绝服务漏洞 — Cisco Identity Services Engine (ISE) 7.5 -2016-12-14
CVE-2016-9200 Cisco Prime Collaboration Assurance 跨站脚本漏洞 — Cisco Prime Collaboration Assurance 6.1 -2016-12-14
CVE-2016-9201 Cisco IOS和Cisco IOS XE Software 安全漏洞 — Cisco IOS and Cisco IOS XE 7.5 -2016-12-14
CVE-2016-9202 Cisco AsyncOS Software for Email Security Appliances 跨站脚本漏洞 — Cisco Email Security Appliance (ESA) 6.1 -2016-12-14
CVE-2016-9203 Cisco ASR 5000 Series 安全漏洞 — Cisco ASR 5000 5.9 -2016-12-14
CVE-2016-9204 Cisco Intercloud Fabric Director Static Credentials 安全漏洞 — Cisco Intercloud Fabric (ICF) Director 6.5 -2016-12-14

Vulnerabilities classified as access:pre-auth represent 19065 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.