access:pre-auth 类型相关 20697 条 CVE 漏洞,含 AI 中文分析、CVSS、参考链接与 POC。
“access:pre-auth”标签标识了无需身份验证即可触发的漏洞,涵盖18971个CVE。此类漏洞之所以关键,是因为攻击者无需凭证即可直接利用,极大降低了攻击门槛并扩大了潜在受害面。典型场景包括远程代码执行、未授权数据访问及拒绝服务攻击,常见于配置错误的API接口、默认凭证服务或存在逻辑缺陷的认证前处理模块,对系统安全性构成直接且严重的威胁。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2016-6463 | Cisco AsyncOS for Cisco Email Security Appliances 安全绕过漏洞 — Cisco AsyncOS 9.7.1-066 through 10.0.0-082 | 5.3 | - | 2016-11-19 |
| CVE-2016-6466 | Cisco ASR 5000 Series routers 拒绝服务漏洞 — Cisco StarOS 20.0.0 through 21.0.M0.64246 | 5.3 | - | 2016-11-19 |
| CVE-2016-6472 | Cisco Unified Communications Manager 跨站脚本漏洞 — Cisco Unified Communication Manager 11.5(1.2) | 6.1 | - | 2016-11-19 |
| CVE-2016-6429 | Cisco IP Interoperability and Collaboration System 跨站脚本漏洞 — Cisco IP Interoperability and Collaboration System 4.10(1) | 6.1 | - | 2016-11-03 |
| CVE-2016-6441 | Cisco ASR 900 Series 缓冲区溢出漏洞 — Cisco IOS XE 3.17 and 3.18 | 9.8 | - | 2016-11-03 |
| CVE-2016-6447 | 多款Cisco产品缓冲区溢出漏洞 — Cisco Meeting Server before 2.0.1, Acano Server before 1.9.3, Cisco Meeting App before 1.9.8, Acano Meeting Apps before 1.8.35 | 9.8 | - | 2016-11-03 |
| CVE-2016-6448 | Cisco Meeting Server和Acano Server 缓冲区溢出漏洞 — Cisco Meeting Server before 2.0.3 and Acano Server before 1.9.5 | 9.8 | - | 2016-11-03 |
| CVE-2016-6451 | Cisco Prime Collaboration Provisioning 跨站脚本漏洞 — Cisco Prime Collaboration Provisioning 10.6 | 6.1 | - | 2016-11-03 |
| CVE-2016-6452 | Cisco Prime Home 身份验证绕过漏洞 — Cisco Prime Home before 6.0 | 9.8 | - | 2016-11-03 |
| CVE-2016-6454 | Cisco Hosted Collaboration Mediation Fulfillment 跨站请求伪造漏洞 — Cisco Hosted Collaboration Mediation Fulfillment before 11.5(0.98000.216) | 6.5 | - | 2016-11-03 |
| CVE-2016-6455 | Cisco ASR 5500 Series routers 拒绝服务漏洞 — Cisco StarOS 18.x through 21.x | 5.3 | - | 2016-11-03 |
| CVE-2016-7965 | DokuWiki 安全漏洞 — n/a | 6.5 | - | 2016-10-31 |
| CVE-2016-1423 | Cisco AsyncOS for Cisco Email Security Appliances 安全漏洞 — Cisco AsyncOS 8.0.2-069 | 6.1 | - | 2016-10-28 |
| CVE-2016-1480 | Cisco AsyncOS for Cisco Email Security Appliances和Web Security Appliances 安全漏洞 — Cisco AsyncOS through WSA10.0.0-000 | - | - | 2016-10-28 |
| CVE-2016-1481 | Cisco AsyncOS for Cisco Email Security Appliances 拒绝服务漏洞 — Cisco AsyncOS through 9.7.0-125 | 7.5 | - | 2016-10-28 |
| CVE-2016-1486 | Cisco AsyncOS for Cisco Email Security Appliances 拒绝服务漏洞 — Cisco AsyncOS through 9.7.1-066 | 7.5 | - | 2016-10-28 |
| CVE-2016-6356 | Cisco AsyncOS for Cisco Email Security Appliances 拒绝服务漏洞 — Cisco AsyncOS through 9.7.0-125 | 7.5 | - | 2016-10-28 |
| CVE-2016-6357 | Cisco Email Security Appliance 安全漏洞 — Cisco AsyncOS through 9.9.6-026 | 5.3 | - | 2016-10-28 |
| CVE-2016-6358 | Cisco Email Security Appliance 拒绝服务漏洞 — Cisco Email Security Appliance (ESA) through 9.7.1-000 | 5.3 | - | 2016-10-28 |
| CVE-2016-6360 | Cisco Email Security Appliance和Cisco Web Security Appliance 拒绝服务漏洞 — Cisco AsyncOS through WSA10.0.0-000 | 5.3 | - | 2016-10-28 |
| CVE-2016-6372 | Cisco AsyncOS for Cisco Email Security Appliances和Web Security Appliances 安全绕过漏洞 — Cisco AsyncOS through WSA10.0.0-000 | 8.2 | - | 2016-10-28 |
| CVE-2016-6397 | Cisco IP Interoperability and Collaboration System 身份验证绕过漏洞 — Cisco IPICS 4.8(1) to 4.10(1) | 9.1 | - | 2016-10-28 |
| CVE-2016-6431 | Cisco Adaptive Security Appliance 拒绝服务漏洞 — Cisco ASA Software before 9.6(1.5) | 7.5 | - | 2016-10-27 |
| CVE-2016-6432 | Cisco Adaptive Security Appliance Software 缓冲区错误漏洞 — Cisco ASA Software before 9.6(2.1) | 8.1 | - | 2016-10-27 |
| CVE-2016-6437 | Cisco Wide Area Application Services 拒绝服务漏洞 — Cisco Wide Area Application Services (WAAS) before 5.3(5g)1 and 6.x before 6.2(2.32) | 5.9 | - | 2016-10-27 |
| CVE-2016-6438 | Cisco IOS XE on cBR-8 Converged Broadband Router 安全漏洞 — Cisco IOS XE 3.16S, 3.17S, 3.18.0S, 3.18.1S, 3.18.0SP | 5.9 | - | 2016-10-27 |
| CVE-2016-6439 | Cisco Firepower System Software 拒绝服务漏洞 — Cisco Firepower System Software before 6.0.1 | 7.5 | - | 2016-10-27 |
| CVE-2016-6442 | Cisco Finesse Agent and Supervisor Desktop Software 跨站请求伪造漏洞 — Cisco Finesse 11.0(1) | 8.8 | - | 2016-10-27 |
| CVE-2016-6444 | Cisco Meeting Server 跨站请求伪造漏洞 — Cisco Meeting Server 1.8, 1.9, 2.0 | 8.8 | - | 2016-10-27 |
| CVE-2016-6445 | Cisco Meeting Server 身份验证绕过漏洞 — Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6 | 9.1 | - | 2016-10-27 |
access:pre-auth 是常见的弱点类别,本平台收录该类弱点关联的 20697 条 CVE 漏洞。