映射到 CWE-287 的搜索结果 (1087)

CVE-2014-9624(发布:2017-09-12 10:29:00)NM
CVSS5.0

[原文]CAPTCHA bypass vulnerability in MantisBT before 1.2.19.

CVE-2017-7649(发布:2017-09-11 12:29:00)NM
CVSS10.0

[原文]The network enabled distribution of Kura before 2.1.0 takes control over the device's firewall setup but does not allow IPv6 firewall rules to be configured. Still the Equinox console port 5002 is left open, allowing to log into Kura without any user credentials over unencrypted telnet and executing commands using the Equinox "exec" command. As the process is running as "root" full control over the device can be acquired. IPv6 is also left in auto-configuration mode, accepting router advertisements automatically and assigns a MAC address based IPv6 address.

CVE-2015-3442(发布:2017-09-07 09:29:00)NMCPS
CVSS7.5

[CNNVD]Xpert.Line 身份验证绕过漏洞--Xpert.Line是瑞士Xpert.Line公司的一套智能企业资源计划(ERP)解决方案。 Xpert.Line远程中存在身份验证绕过漏洞。攻击者可利用该漏洞绕过身份验证机制,执行未授权操作。Xpert.Line 3.0版本中存在漏洞,其他版本也可能受到影响。 ...

CVE-2015-7746(发布:2017-09-01 09:29:00)NM
CVSS7.5

[原文]NetApp Data ONTAP before 8.2.4, when operating in 7-Mode, allows remote attackers to bypass authentication and (1) obtain sensitive information from or (2) modify volumes via vectors related to UTF-8 in the volume language.

CVE-2015-8332(发布:2017-08-28 17:29:00)NMS
CVSS6.5

[原文]Huawei Video Content Management (VCM) before V100R001C10SPC001 does not properly "authenticate online user identities and privileges," which allows remote authenticated users to gain privileges and perform a case operation as another user via a crafted message, aka "Horizontal Privilege Escalation Vulnerability."

CVE-2015-1401(发布:2017-08-28 11:29:01)NMC
CVSS7.5

[CNNVD]TYPO3 LDAP/SSO Authentication扩展身份验证绕过漏洞--TYPO3是瑞士TYPO3协会维护的一套免费开源的内容管理系统(框架)(CMS/CMF)。LDAP / SSO Authentication是其中的一个提供了LDAP或SSO验证服务的扩展模块。 TYPO3 LDAP/SSO Authentication扩展中存在身份验证绕过漏洞...

首页上一页12345678下一页尾页 第3页 / 共182页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站