Weaknesses of type CWE-287
1,838 resultsCVE-2020-10918HIGHThis vulnerability allows remote attackers to bypass authentication on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch EPSS 2.7%CVE-2023-46290HIGHRockwell Automation FactoryTalk Services Platform Elevated Privileges VulnerabilityEPSS 2.7%CVE-2017-7920—An Improper Authentication issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for ReEPSS 2.7%CVE-2018-5459—An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. An attacker can execute dEPSS 2.7%CVE-2025-1104MEDIUMD-Link DHP-W310AV authentication spoofingEPSS 2.7%CVE-2025-30287HIGHColdFusion | Improper Authentication (CWE-287)EPSS 2.7%CVE-2018-0121—A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software could alloEPSS 2.7%CVE-2018-13804—A vulnerability has been identified in SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (Versions V7.1 < V7.1 Upd3), SIMATIC IT UAEPSS 2.7%CVE-2022-24882CRITICALServer side NTLM does not properly check parameters in FreeRDPEPSS 2.7%CVE-2017-7931—In ABB IP GATEWAY 3.39 and prior, by accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to acceEPSS 2.6%CVE-2017-7919—An Improper Authentication issue was discovered in Newport XPS-Cx and XPS-Qx. An attacker may bypass authentication by accessing a specific EPSS 2.6%CVE-2024-49757HIGHZitadel User Registration Bypass VulnerabilityEPSS 2.6%CVE-2019-18337CRITICALA vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) contains an authEPSS 2.5%CVE-2017-11428HIGHMultiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversalEPSS 2.5%CVE-2019-18315—A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network accessEPSS 2.5%CVE-2017-13995—An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does nEPSS 2.5%CVE-2020-10888MEDIUMThis vulnerability allows remote attackers to bypass authentication on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC17EPSS 2.5%CVE-2023-22964CRITICALZoho ManageEngine ServiceDesk Plus MSP before 10611, and 13x before 13004, is vulnerable to authentication bypass when LDAP authentication iEPSS 2.4%CVE-2017-7420—An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer anEPSS 2.4%CVE-2017-11429HIGHMultiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversalEPSS 2.4%