映射到 CWE-287 的搜索结果 (995)

CVE-2016-3176(发布:2017-01-31 14:59:00)NM
CVSS4.3

[原文]Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient.

CVE-2016-4484(发布:2017-01-23 16:59:01)NMPS
CVSS7.2

[原文]The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.

CVE-2016-4322(发布:2016-12-13 15:59:00)NMPS
CVSS7.5

[原文]BMC BladeLogic Server Automation (BSA) before 8.7 Patch 3 allows remote attackers to bypass authentication and consequently read arbitrary files or possibly have unspecified other impact by leveraging a "logic flaw" in the authentication process.

CVE-2016-2944(发布:2016-11-30 06:59:09)NMS
CVSS5.0

[原文]IBM BigFix Remote Control before 9.1.3 does not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach.

CVE-2016-4860(发布:2016-09-18 21:59:03)NMS
CVSS7.5

[原文]Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not require authentication for Logic Designer connections, which allows remote attackers to reconfigure the device or cause a denial of service via a (1) stop application program, (2) change value, or (3) modify application command.

CVE-2016-0883(发布:2016-09-17 22:59:00)NM
CVSS5.0

[原文]Pivotal Cloud Foundry (PCF) Ops Manager before 1.5.14 and 1.6.x before 1.6.9 uses the same cookie-encryption key across different customers' installations, which allows remote attackers to bypass session authentication by leveraging knowledge of this key from another installation.

首页上一页12345678下一页尾页 第3页 / 共166页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站