access:pre-auth 类型相关 20041 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2017-3830 | Cisco Meeting Server 安全漏洞 — Cisco Meeting Server | 7.5 | - | 2017-02-22 |
| CVE-2017-3833 | Cisco Unified Communications Manager 跨站脚本漏洞 — Cisco Unified Communications Manager | 6.1 | - | 2017-02-22 |
| CVE-2017-3836 | Cisco Unified Communications Manager 信息泄露漏洞 — Cisco Unified Communications Manager | 5.3 | - | 2017-02-22 |
| CVE-2017-3838 | Cisco Secure Access Control System 跨站脚本漏洞 — Cisco Secure Access Control System | 6.1 | - | 2017-02-22 |
| CVE-2017-3839 | Cisco Secure Access Control System 安全漏洞 — Cisco Secure Access Control System | 5.3 | - | 2017-02-22 |
| CVE-2017-3840 | Cisco Secure Access Control System 输入验证漏洞 — Cisco Secure Access Control System | 6.1 | - | 2017-02-22 |
| CVE-2017-3841 | Cisco Secure Access Control System 信息泄露漏洞 — Cisco Secure Access Control System | 7.5 | - | 2017-02-22 |
| CVE-2017-3842 | Cisco Intrusion Prevention System Device Manager 信息泄露漏洞 — Cisco Intrusion Prevention System Device Manager | 5.3 | - | 2017-02-22 |
| CVE-2017-3845 | Cisco Prime Collaboration Assurance 跨站脚本漏洞 — Cisco Prime Collaboration Assurance | 6.1 | - | 2017-02-22 |
| CVE-2017-6095 | WordPress Mail Masta SQL注入漏洞 — n/a | 9.8 | - | 2017-02-21 |
| CVE-2017-5344 | dotCMS SQL注入漏洞 — n/a | 9.8 | - | 2017-02-17 |
| CVE-2016-8361 | Lynxspring JENEsys BAS Bridge 安全漏洞 — Lynxspring JENEsys BAS Bridge 1.1.8 and older | 9.4 | - | 2017-02-13 |
| CVE-2016-9357 | 多款Eaton ePDUs产品路径遍历漏洞 — Eaton ePDU EoL devices | 5.3 | - | 2017-02-13 |
| CVE-2016-9363 | 多款Moxa Nport产品缓冲区溢出漏洞 — Moxa NPort | 8.4 | - | 2017-02-13 |
| CVE-2016-9369 | 多款Moxa Nport产品安全漏洞 — Moxa NPort | 8.4 | - | 2017-02-13 |
| CVE-2017-5144 | Carlo Gavazzi Automation VMU-C EM和VMU-C PV 安全漏洞 — Carlo Gavazzi VMU-C EM and VMU-C PV | 9.8 | - | 2017-02-13 |
| CVE-2017-5163 | Belden Hirschmann GECKO Lite Managed Switch 信息泄露漏洞 — Belden Hirschmann GECKO 2.0.00 and prior | 5.9 | - | 2017-02-13 |
| CVE-2017-3813 | Cisco AnyConnect Secure Mobility Client Software for Windows 授权问题漏洞 — Cisco AnyConnect Secure Mobility Client Software for Windows Versions prior to released versions 4.4.00243 and later and 4.3.05017 and later.CWE-264 | 7.1 | - | 2017-02-09 |
| CVE-2016-9005 | IBM TS3100和TS3200 Tape库安全漏洞 — System Storage | 9.8 | - | 2017-02-08 |
| CVE-2016-2403 | Sensio Labs Symfony 安全漏洞 — n/a | 9.8 | - | 2017-02-07 |
| CVE-2017-5876 | dotCMS 跨站脚本漏洞 — n/a | 6.1 | - | 2017-02-06 |
| CVE-2017-5877 | dotCMS 跨站脚本漏洞 — n/a | 6.1 | - | 2017-02-06 |
| CVE-2017-5137 | TalariaX SendQuick Entera和Avera设备安全漏洞 — n/a | 7.5 | - | 2017-02-05 |
| CVE-2017-3809 | Cisco Firepower Management Center 安全漏洞 — Cisco Firepower Management Center (FMC) 6.1.0 6.2.0 | - | - | 2017-02-03 |
| CVE-2017-3812 | Cisco Industrial Ethernet 2000 Series Switches 安全漏洞 — Cisco Industrial Ethernet 2000 Switches 15.2(5.4.32i)E2 | 6.8 | - | 2017-02-03 |
| CVE-2017-3814 | Cisco Firepower System Software 安全漏洞 — Cisco Firepower System Software 5.x 6.x | 5.8 | - | 2017-02-03 |
| CVE-2017-3818 | Cisco AsyncOS Software for Cisco Email Security Appliances 安全漏洞 — Cisco AsyncOS 9.7.1-066 | 5.8 | - | 2017-02-03 |
| CVE-2017-3822 | 多款Cisco产品Firepower Threat Defense Software 安全漏洞 — Cisco Firepower Threat Defense Software versions 6.1.x | 5.3 | - | 2017-02-03 |
| CVE-2017-3824 | Cisco cBR-8 Converged Broadband Routers 安全漏洞 — Cisco IOS XE 15.x | 6.8 | - | 2017-02-03 |
| CVE-2016-3023 | IBM Security Access Manager 安全漏洞 — Access Manager | 5.3 | - | 2017-02-01 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 20041 条 CVE 漏洞。