映射到 CWE-306 的搜索结果 (14)

CVE-2018-5338(发布:2018-04-18 04:29:00)NM
CVSS7.5

[原文]An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: missing authentication/authorization for a database query mechanism.

CVE-2018-0521(发布:2018-03-09 11:29:00)NM
CVSS8.3

[原文]Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.

CVE-2014-7271(发布:2018-03-08 15:29:00)NMCS
CVSS4.6

[CNNVD]SDDM 本地身份验证绕过漏洞--SDDM是一款基于QML的X11显示管理器。 SDDM中存在本地身份验证绕过漏洞。本地攻击者可利用该漏洞绕过安全限制,执行未授权操作。

CVE-2018-2368(发布:2018-03-01 12:29:00)NMS
CVSS7.5

[原文]SAP NetWeaver System Landscape Directory, LM-CORE 7.10, 7.20, 7.30, 7.31, 7.40, does not perform any authentication checks for functionalities that require user identity.

CVE-2018-7301(发布:2018-02-22 14:29:06)NM
CVSS7.5

[原文]eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC requests to control the attached BidCos devices.

CVE-2018-2360(发布:2018-01-09 10:29:00)NMS
CVSS5.0

[原文]SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for functionalities that require user identity and cause consumption of file system storage.

123下一页尾页 第1页 / 共3页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站