CWE-288— Authentication Bypass Using an Alternate Path or Channel
509 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-288page 2 of 11
- CVE-2021-34977HIGHCVSS 8.8EG 8.82022-01-13
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists wi…
- CVE-2021-35530MEDIUMCVSS 6.0EG 8.22022-06-07
A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's TXpert Hub CoreTec 4, that depends on a token validation of the session identifier, allows an unauthorized modified message to be executed in…
- CVE-2021-36308MEDIUMCVSS 5.9EG 9.82021-11-20
Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on t…
- CVE-2021-3849CRITICALCVSS 9.8EG 9.82022-04-22
An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware that could allow an unauthenticated attacker to execute commands on th…
- CVE-2021-3897CRITICALCVSS 9.8EG 9.82022-04-22
An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware during an that could allow an unauthenticated attacker to execute co…
- CVE-2021-41292CRITICALCVSS 9.8EG 9.12021-09-30
ECOA BAS controller suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can remotely bypass authentication and disclose sensitive information and circumvent physical access controls in …
- CVE-2021-41992HIGHCVSS 7.7EG 9.82022-04-30
A misconfiguration of RSA in PingID Windows Login prior to 2.7 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass.
- CVE-2021-41995HIGHCVSS 7.7EG 7.52022-06-30
A misconfiguration of RSA in PingID Mac Login prior to 1.1 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass.
- CVE-2021-4353MEDIUMCVSS 5.3EG 5.32023-10-20
The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to unauthenticated settings export in versions up to, and including, 2.4.1. This is due to missing authorization on the export() function which makes makes it…
- CVE-2021-4373HIGHCVSS 8.8EG 8.82023-06-07
The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.5.2. This makes it possible for unauthenticated attackers to import settings via forged request granted they can trick a…
- CVE-2021-43935HIGHCVSS 8.1EG 9.82021-12-15
The impacted products, when configured to use SSO, are affected by an improper authentication vulnerability. This vulnerability allows the application to accept manual entry of any active directory (AD) account provisioned in the applicati…
- CVE-2021-43985CRITICALCVSS 9.1EG 9.12021-12-23
An unauthenticated remote attacker can access mySCADA myPRO Versions 8.20.0 and prior without any form of authentication or authorization.
- CVE-2022-0992CRITICALCVSS 9.8EG 9.82022-04-19
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on initial 2FA set-up that allows unauthenticated …
- CVE-2022-1067MEDIUMCVSS 6.5EG 6.52022-04-11
Navigating to a specific URL with a patient ID number will result in the server generating a PDF of a lab report without authentication and rate limiting.
- CVE-2022-1681HIGHCVSS 7.2EG 7.22022-05-12
Authentication Bypass Using an Alternate Path or Channel in GitHub repository requarks/wiki prior to 2.5.281. User can get root user permissions
- CVE-2022-2031HIGHCVSS 8.8EG 8.82022-08-25
A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, ca…
- CVE-2022-22189HIGHCVSS 7.3EG 7.82022-04-14
An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration (CSO) allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local syst…
- CVE-2022-23719HIGHCVSS 7.2EG 6.42022-06-30
PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests. An attacker with the ability to execute code on the target machine maybe able to exploit and spoof the l…
- CVE-2022-23720HIGHCVSS 7.5EG 8.22022-06-30
PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file. An IT administrator could mistakenly deploy administrator privileged PingID API credentials, su…
- CVE-2022-23722MEDIUMCVSS 6.5EG 6.52022-05-02
When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user’s password.
- CVE-2022-23723HIGHCVSS 7.7EG 9.82022-05-02
An MFA bypass vulnerability exists in the PingFederate PingOne MFA Integration Kit when adapter HTML templates are used as part of an authentication flow.
- CVE-2022-23724MEDIUMCVSS 6.4EG 8.12022-05-04
Use of static encryption key material allows forging an authentication token to other users within a tenant organization. MFA may be bypassed by redirecting an authentication flow to a target user. To exploit the vulnerability, must have c…
- CVE-2022-23725HIGHCVSS 7.7EG 5.52022-06-30
PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry entries used to store sensitive API keys under some circumstances.
- CVE-2022-23767HIGHCVSS 8.8EG 9.82022-09-19
This vulnerability of SecureGate is SQL-Injection using login without password. A path traversal vulnerability is also identified during file transfer. An attacker can take advantage of these vulnerabilities to perform various attacks such…
- CVE-2022-24047CRITICALCVSS 9.8EG 9.82022-02-18
This vulnerability allows remote attackers to bypass authentication on affected installations of BMC Track-It! 20.21.01.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of…
- CVE-2022-24813MEDIUMCVSS 5.3EG 5.32022-04-04
CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. Without the patch for this issue, anonymous comments can be made using Special:RequestWikiQueue when sent directly via POST. A patch for this issue is available …
- CVE-2022-25369CRITICALCVSS 9.8EG 9.82026-01-23
An issue was discovered in Dynamicweb before 9.12.8. An attacker can add a new administrator user without authentication. This flaw exists due to a logic issue when determining if the setup phases of the product can be run again. Once an a…
- CVE-2022-26865MEDIUMCVSS 6.8EG 6.82022-05-26
Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass vulnerability. An unauthenticated attacker with physical access to the system may exploit this vulnerability by bypassing OS Recovery authentication in …
- CVE-2022-26870HIGHCVSS 7.0EG 9.82022-10-21
Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability under specific configuration. An attacker would gain unauthorized access upon s…
- CVE-2022-27510CRITICALCVSS 9.8EG 9.82022-11-08
Unauthorized access to Gateway user capabilities
- CVE-2022-30623MEDIUMCVSS 5.9EG 9.82022-07-18
The server checks the user's cookie in a non-standard way, and a value is entered in the cookie value name of the status and its value is set to true to bypass the identification with the system using a username and password.
- CVE-2022-31022MEDIUMCVSS 6.2EG 6.22022-06-01
Bleve is a text indexing library for go. Bleve includes HTTP utilities under bleve/http package, that are used by its sample application. These HTTP methods pave way for exploitation of a node’s filesystem where the bleve index resides, …
- CVE-2022-34372CRITICALCVSS 9.8EG 9.12022-09-01
Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially access and interact with the docker registry API leading to an authentication bypa…
- CVE-2022-35869CRITICALCVSS 9.8EG 9.82022-07-25
This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). Authentication is not required to exploit this vulnerability. The specific flaw exists wit…
- CVE-2022-36093HIGHCVSS 8.5EG 8.52022-09-08
XWiki Platform Web Templates are templates for XWiki Platform, a generic wiki platform. By passing a template of the distribution wizard to the xpart template, user accounts can be created even when user registration is disabled. This also…
- CVE-2022-3614MEDIUMCVSS 6.1EG 6.12023-01-03
In affected versions of Octopus Deploy users of certain browsers using AD to sign-in to Octopus Server were able to bypass authentication checks and be redirected to the configured redirect url without any validation.
- CVE-2022-36249MEDIUMCVSS 5.4EG 5.42023-05-30
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass 2FA via APIs. For Controlpanel Lite. "After login we are directly able to use the bearer token or jsession ID to access the apis instead of en…
- CVE-2022-40725HIGHCVSS 7.3EG 7.32023-04-25
PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be exploited to bypass the maximum PIN attempts permitted before the time-based lockout is activated.
- CVE-2022-42275HIGHCVSS 7.7EG 7.12023-01-13
NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and denial of service.
- CVE-2022-42276HIGHCVSS 7.5EG 8.22023-01-13
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information …
- CVE-2022-42277HIGHCVSS 7.5EG 8.22023-01-13
NVIDIA DGX Station contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and informati…
- CVE-2022-46732CRITICALCVSS 9.8EG 9.82023-01-18
Even if the authentication fails for local service authentication, the requested command could still execute regardless of authentication status.
- CVE-2022-47311HIGHCVSS 8.5EG 8.52023-05-22
A proprietary protocol for iBoot devices is used for control and keepalive commands. The function compares the username and password; it also contains the configuration data for the user specified. If the user does not exist, then it sends…
- CVE-2022-47320HIGHCVSS 8.1EG 8.12023-05-22
The iBoot device’s basic discovery protocol assists in initial device configuration. The discovery protocol shows basic information about devices on the network and allows users to perform configuration changes.
- CVE-2022-47578HIGHCVSS 7.1EG 7.82022-12-20
An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete restrictions on USB pendrives, USB HDD devices, memory cards, USB connections to mobile devices, e…
- CVE-2023-1260HIGHCVSS 8.0EG 8.02023-09-24
An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the defa…
- CVE-2023-20003MEDIUMCVSS 4.7EG 4.72023-05-18
A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. This vulnerability is due …
- CVE-2023-20018HIGHCVSS 8.6EG 6.52023-01-20
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This vulnerability is due to insufficien…
- CVE-2023-20247MEDIUMCVSS 5.0EG 5.02023-11-01
A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certif…
- CVE-2023-20269MEDIUMCVSS 5.0EG 9.0⚠ KEV2023-09-06
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an at…
Map vulnerabilities like CWE-288 to your infrastructure
EchelonGraph correlates every CVE — across CWE-288 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →