CWE-287
DiscouragedImproper Authentication
Abstraction: Class · Status: Draft
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
5964 vulnerabilities reference this CWE, most recent first.
CVE-2024-21390 (GCVE-0-2024-21390)
Vulnerability from cvelistv5 – Published: 2024-03-12 16:57 – Updated: 2025-05-03 00:46- CWE-287 - Improper Authentication
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Authenticator |
Affected:
1.0.0 , < 6.2401.0617
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21390",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T19:23:00.726547Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-07T19:39:22.234Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:20:40.761Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Authenticator Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21390"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Microsoft Authenticator",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2401.0617",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:authenticator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2401.0617",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-03-12T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Authenticator Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-03T00:46:55.838Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Authenticator Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21390"
}
],
"title": "Microsoft Authenticator Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-21390",
"datePublished": "2024-03-12T16:57:58.077Z",
"dateReserved": "2023-12-08T22:45:20.454Z",
"dateUpdated": "2025-05-03T00:46:55.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20738 (GCVE-0-2024-20738)
Vulnerability from cvelistv5 – Published: 2024-02-15 12:22 – Updated: 2024-08-01 21:59- CWE-287 - Improper Authentication (CWE-287)
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/framema… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Adobe Framemaker Publishing Server |
Affected:
0 , ≤ 2022.1
(semver)
|
|
| adobe | framemaker_publishing_server |
Affected:
0 , ≤ 2022.1
(custom)
Affected: 0 , ≤ 2020 (custom) cpe:2.3:a:adobe:framemaker_publishing_server:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:framemaker_publishing_server:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "framemaker_publishing_server",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "2022.1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20738",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-01T05:01:07.331328Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T17:39:59.040Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-10.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Adobe Framemaker Publishing Server",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2022.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe FrameMaker Publishing Server versions 2022.1 and earlier are affected by an Improper Authentication vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass authentication mechanisms and gain unauthorized access. Exploitation of this issue does not require user interaction."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "NETWORK",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication (CWE-287)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-15T16:32:10.311Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-10.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe FrameMaker Publishing Server Authentication Bypass Vulnerability | CVE-2023-44324 bypass"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20738",
"datePublished": "2024-02-15T12:22:52.018Z",
"dateReserved": "2023-12-04T16:52:22.971Z",
"dateUpdated": "2024-08-01T21:59:42.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20301 (GCVE-0-2024-20301)
Vulnerability from cvelistv5 – Published: 2024-03-06 16:28 – Updated: 2024-08-01 21:59- CWE-287 - Improper Authentication
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20301",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-07T16:34:32.836107Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:40:41.658Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:41.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-duo-win-bypass-pn42KKBm",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-win-bypass-pn42KKBm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Duo",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.0.1"
},
{
"status": "affected",
"version": "1.0.2"
},
{
"status": "affected",
"version": "1.0.3"
},
{
"status": "affected",
"version": "1.0.4"
},
{
"status": "affected",
"version": "1.1.0"
},
{
"status": "affected",
"version": "1.1.1"
},
{
"status": "affected",
"version": "2.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary authentication and access an affected Windows device. \r\n\r This vulnerability is due to a failure to invalidate locally created trusted sessions after a reboot of the affected device. An attacker with primary user credentials could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the affected device without valid permissions."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-06T16:28:22.087Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-duo-win-bypass-pn42KKBm",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-win-bypass-pn42KKBm"
}
],
"source": {
"advisory": "cisco-sa-duo-win-bypass-pn42KKBm",
"defects": [
"CSCwi57924"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20301",
"datePublished": "2024-03-06T16:28:22.087Z",
"dateReserved": "2023-11-08T15:08:07.630Z",
"dateUpdated": "2024-08-01T21:59:41.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-14034 (GCVE-0-2024-14034)
Vulnerability from cvelistv5 – Published: 2026-04-02 20:01 – Updated: 2026-05-14 02:07- CWE-287 - Improper Authentication (CWE-287)
| URL | Tags |
|---|---|
| https://assets.belden.com/m/7ec5c6da25ef288/origi… | vendor-advisory |
| https://www.vulncheck.com/advisories/hirschmann-h… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Belden | Hirschmann HiEOS LRS11 |
Affected:
0 , < 01.1.00
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-14034",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-03T13:38:37.515745Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-03T13:41:18.277Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Hirschmann HiEOS LRS11",
"vendor": "Belden",
"versions": [
{
"lessThan": "01.1.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-04-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Hirschmann HiEOS devices versions prior to 01.1.00 contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTP(S) requests. Attackers can exploit improper authentication handling to obtain elevated privileges and perform unauthorized actions including configuration download or upload and firmware modification."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication (CWE-287)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-14T02:07:13.288Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Belden Security Bulletins",
"tags": [
"vendor-advisory"
],
"url": "https://assets.belden.com/m/7ec5c6da25ef288/original/Belden_Security_Bulletin_BSECV-2024-02_1v0.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/hirschmann-hieos-authentication-bypass-via-http-management-module"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Hirschmann HiEOS Authentication Bypass via HTTP Management Module"
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2024-14034",
"datePublished": "2026-04-02T20:01:23.748Z",
"dateReserved": "2026-04-01T21:21:41.800Z",
"dateUpdated": "2026-05-14T02:07:13.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13528 (GCVE-0-2024-13528)
Vulnerability from cvelistv5 – Published: 2025-02-12 09:22 – Updated: 2026-04-08 16:34- CWE-287 - Improper Authentication
| Vendor | Product | Version | |
|---|---|---|---|
| wpcodefactory | Customer Email Verification for WooCommerce |
Affected:
0 , ≤ 2.9.5
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13528",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T14:37:39.130792Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T14:38:45.364Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Customer Email Verification for WooCommerce",
"vendor": "wpcodefactory",
"versions": [
{
"lessThanOrEqual": "2.9.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.9.5. This is due to the presence of a shortcode that will generate a confirmation link with a placeholder email. This makes it possible for authenticated attackers, with Contributor-level access and above, to generate a verification link for any unverified user and log into the account. The \u0027Fine tune placement\u0027 option must be enabled in the plugin settings in order to exploit the vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:34:49.661Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0b3798e3-45fe-4829-9012-dc728d4af87f?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/emails-verification-for-woocommerce/tags/2.9.2/includes/class-alg-wc-ev-emails.php#L151"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3238136/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-11T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Customer Email Verification for WooCommerce \u003c= 2.9.5 - Authentication Bypass via Shortcode"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13528",
"datePublished": "2025-02-12T09:22:47.776Z",
"dateReserved": "2025-01-17T23:24:53.274Z",
"dateUpdated": "2026-04-08T16:34:49.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13309 (GCVE-0-2024-13309)
Vulnerability from cvelistv5 – Published: 2025-01-09 20:27 – Updated: 2025-01-30 21:33- CWE-287 - Improper Authentication
| Vendor | Product | Version | |
|---|---|---|---|
| Drupal | Login Disable |
Affected:
2.0.0 , < 2.1.1
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-13309",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T14:05:39.696572Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T21:33:50.068Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.drupal.org/project/login_disable",
"defaultStatus": "unaffected",
"product": "Login Disable",
"repo": "https://git.drupalcode.org/project/login_disable",
"vendor": "Drupal",
"versions": [
{
"lessThan": "2.1.1",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "e5sego"
},
{
"lang": "en",
"type": "remediation developer",
"value": "e5sego"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Sang Lostrie"
},
{
"lang": "en",
"type": "coordinator",
"value": "Ivo Van Geertruyen"
},
{
"lang": "en",
"type": "coordinator",
"value": "Greg Knaddison"
},
{
"lang": "en",
"type": "coordinator",
"value": "Benji Fisher"
}
],
"datePublic": "2024-12-11T12:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels.\u003cp\u003eThis issue affects Login Disable: from 2.0.0 before 2.1.1.\u003c/p\u003e"
}
],
"value": "Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Disable: from 2.0.0 before 2.1.1."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T20:27:35.812Z",
"orgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
"shortName": "drupal"
},
"references": [
{
"url": "https://www.drupal.org/sa-contrib-2024-073"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Login Disable - Critical - Access bypass - SA-CONTRIB-2024-073",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
"assignerShortName": "drupal",
"cveId": "CVE-2024-13309",
"datePublished": "2025-01-09T20:27:35.812Z",
"dateReserved": "2025-01-09T20:26:26.972Z",
"dateUpdated": "2025-01-30T21:33:50.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13111 (GCVE-0-2024-13111)
Vulnerability from cvelistv5 – Published: 2025-01-02 14:00 – Updated: 2025-01-02 16:19- CWE-287 - Improper Authentication
| URL | Tags |
|---|---|
| https://vuldb.com/?id.289927 | vdb-entry |
| https://vuldb.com/?ctiid.289927 | signaturepermissions-required |
| https://vuldb.com/?submit.467701 | third-party-advisory |
| https://github.com/qiutiandefeng/yfexam-exam/issues/6 | issue-tracking |
| https://github.com/qiutiandefeng/yfexam-exam/issu… | exploitissue-tracking |
| Vendor | Product | Version | |
|---|---|---|---|
| Beijing Yunfan Internet Technology | Yunfan Learning Examination System |
Affected:
1.9.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13111",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-02T16:18:58.632403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T16:19:03.479Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/qiutiandefeng/yfexam-exam/issues/6"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/qiutiandefeng/yfexam-exam/issues/6#issue-2754680012"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"JWT Token Handler"
],
"product": "Yunfan Learning Examination System",
"vendor": "Beijing Yunfan Internet Technology",
"versions": [
{
"status": "affected",
"version": "1.9.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "LVZC (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/com/yf/exam/modules/sys/user/controller/SysUserControl of the component JWT Token Handler. The manipulation leads to improper authentication. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "In Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2 wurde eine kritische Schwachstelle entdeckt. Betroffen ist eine unbekannte Verarbeitung der Datei src/main/java/com/yf/exam/modules/sys/user/controller/SysUserControl der Komponente JWT Token Handler. Dank der Manipulation mit unbekannten Daten kann eine improper authentication-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig ausnutzbar. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.1,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T14:00:15.703Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-289927 | Beijing Yunfan Internet Technology Yunfan Learning Examination System JWT Token SysUserControl improper authentication",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.289927"
},
{
"name": "VDB-289927 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.289927"
},
{
"name": "Submit #467701 | Beijing Yunfan Internet Technology Co., Ltd yfexam-exam 1.9.2 JWT defects",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.467701"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/qiutiandefeng/yfexam-exam/issues/6"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/qiutiandefeng/yfexam-exam/issues/6#issue-2754680012"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-01T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-01-01T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-01-01T12:36:44.000Z",
"value": "VulDB entry last update"
}
],
"title": "Beijing Yunfan Internet Technology Yunfan Learning Examination System JWT Token SysUserControl improper authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-13111",
"datePublished": "2025-01-02T14:00:15.703Z",
"dateReserved": "2025-01-01T11:31:35.238Z",
"dateUpdated": "2025-01-02T16:19:03.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13088 (GCVE-0-2024-13088)
Vulnerability from cvelistv5 – Published: 2025-06-06 15:53 – Updated: 2025-06-06 16:35| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QuRouter |
Affected:
2.5.x , < 2.5.0.140
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13088",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-06T16:19:34.279680Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T16:35:46.679Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QuRouter",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.5.0.140",
"status": "affected",
"version": "2.5.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "nella17 (@nella17tw), working with DEVCORE Internship Program, and DEVCORE Research Team working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper authentication vulnerability has been reported to affect QHora. If an attacker gains local network access, they can then exploit the vulnerability to compromise the security of the system.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQuRouter 2.5.0.140 and later\u003cbr\u003e"
}
],
"value": "An improper authentication vulnerability has been reported to affect QHora. If an attacker gains local network access, they can then exploit the vulnerability to compromise the security of the system.\n\nWe have already fixed the vulnerability in the following version:\nQuRouter 2.5.0.140 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T15:53:09.479Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-25-15"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQuRouter 2.5.0.140 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQuRouter 2.5.0.140 and later"
}
],
"source": {
"advisory": "QSA-25-15",
"discovery": "EXTERNAL"
},
"title": "QHora",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2024-13088",
"datePublished": "2025-06-06T15:53:09.479Z",
"dateReserved": "2024-12-31T09:31:40.415Z",
"dateUpdated": "2025-06-06T16:35:46.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12919 (GCVE-0-2024-12919)
Vulnerability from cvelistv5 – Published: 2025-01-14 09:21 – Updated: 2026-04-08 17:25- CWE-287 - Improper Authentication
| Vendor | Product | Version | |
|---|---|---|---|
| cozmoslabs | Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction |
Affected:
0 , ≤ 2.13.7
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12919",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T14:42:16.945669Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T14:43:35.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Paid Membership Subscriptions \u2013 Effortless Memberships, Recurring Payments \u0026 Content Restriction",
"vendor": "cozmoslabs",
"versions": [
{
"lessThanOrEqual": "2.13.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Paid Membership Subscriptions \u2013 Effortless Memberships, Recurring Payments \u0026 Content Restriction plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.13.7. This is due to the pms_pb_payment_redirect_link function using the user-controlled value supplied via the \u0027pms_payment_id\u0027 parameter to authenticate users without any further identity validation. This makes it possible for unauthenticated attackers with knowledge of a valid payment ID to log in as any user who has made a purchase on the targeted site."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:25:38.671Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3a4fa4d-a7d2-4890-b0f5-5fe69bc5e7ac?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3214706/paid-member-subscriptions"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-24T00:00:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-01-13T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Paid Membership Subscriptions \u2013 Effortless Memberships, Recurring Payments \u0026 Content Restriction \u003c= 2.13.7 - Authentication Bypass via pms_payment_id"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-12919",
"datePublished": "2025-01-14T09:21:55.299Z",
"dateReserved": "2024-12-24T17:14:52.449Z",
"dateUpdated": "2026-04-08T17:25:38.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-12510 (GCVE-0-2024-12510)
Vulnerability from cvelistv5 – Published: 2025-02-03 18:52 – Updated: 2025-02-27 14:56- CWE-287 - Improper Authentication
| Vendor | Product | Version | |
|---|---|---|---|
| Xerox | Versalink B400 |
Affected:
0 , < 37.82.53
(custom)
|
|
| Xerox | Versalink B405 |
Affected:
0 , < 38.82.53
(custom)
|
|
| Xerox | Versalink C400 |
Affected:
0 , < 67.82.53
(custom)
|
|
| Xerox | Versalink C405 |
Affected:
0 , < 68.82.53
(custom)
|
|
| Xerox | Versalink B600/B610 |
Affected:
0 , < 32.82.53
(custom)
|
|
| Xerox | Versalink B605/B615 |
Affected:
0 , < 33.82.53
(custom)
|
|
| Xerox | Versalink C500/C600 |
Affected:
0 , < 61.82.53
(custom)
|
|
| Xerox | Versalink C505/C605 |
Affected:
0 , < 62.82.53
(custom)
|
|
| Xerox | Versalink C7000 |
Affected:
0 , < 56.75.53
(custom)
|
|
| Xerox | Versalink C7020/C7025/C7030 |
Affected:
0 , < 57.75.53
(custom)
|
|
| Xerox | Versalink B7025/B7030/B7035 |
Affected:
0 , < 58.75.53
(custom)
|
|
| Xerox | Versalink B7125/B7130/B7135 |
Affected:
0 , < 59.24.53
(custom)
|
|
| Xerox | Versalink C7120/C7125/C7130 |
Affected:
0 , < 69.24.53
(custom)
|
|
| Xerox | Versalink C8000/C9000 |
Affected:
0 , < 70.75.53
(custom)
|
|
| Xerox | Versalink C8000W |
Affected:
0 , < 72.75.53
(custom)
|
|
| Xerox | Phaser 6510 |
Affected:
0 , < 64.75.53
(custom)
|
|
| Xerox | WorkCentre 6515 |
Affected:
0 , < 65.75.53
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12510",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T19:37:44.752191Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T14:56:42.166Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink B400",
"vendor": "Xerox",
"versions": [
{
"lessThan": "37.82.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink B405",
"vendor": "Xerox",
"versions": [
{
"lessThan": "38.82.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink C400",
"vendor": "Xerox",
"versions": [
{
"lessThan": "67.82.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink C405",
"vendor": "Xerox",
"versions": [
{
"lessThan": "68.82.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink B600/B610",
"vendor": "Xerox",
"versions": [
{
"lessThan": "32.82.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink B605/B615",
"vendor": "Xerox",
"versions": [
{
"lessThan": "33.82.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink C500/C600",
"vendor": "Xerox",
"versions": [
{
"lessThan": "61.82.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink C505/C605",
"vendor": "Xerox",
"versions": [
{
"lessThan": "62.82.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink C7000",
"vendor": "Xerox",
"versions": [
{
"lessThan": "56.75.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink C7020/C7025/C7030",
"vendor": "Xerox",
"versions": [
{
"lessThan": "57.75.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink B7025/B7030/B7035",
"vendor": "Xerox",
"versions": [
{
"lessThan": "58.75.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink B7125/B7130/B7135",
"vendor": "Xerox",
"versions": [
{
"lessThan": "59.24.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink C7120/C7125/C7130",
"vendor": "Xerox",
"versions": [
{
"lessThan": "69.24.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink C8000/C9000",
"vendor": "Xerox",
"versions": [
{
"lessThan": "70.75.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Versalink C8000W",
"vendor": "Xerox",
"versions": [
{
"lessThan": "72.75.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Phaser 6510",
"vendor": "Xerox",
"versions": [
{
"lessThan": "64.75.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "WorkCentre 6515",
"vendor": "Xerox",
"versions": [
{
"lessThan": "65.75.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-02-03T18:44:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires admin access and an active LDAP setup."
}
],
"value": "If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires admin access and an active LDAP setup."
}
],
"impacts": [
{
"capecId": "CAPEC-136",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-136: LDAP Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-03T19:20:36.405Z",
"orgId": "10b61619-3869-496c-8a1e-f291b0e71e3f",
"shortName": "Xerox"
},
"references": [
{
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/02/Xerox-Security-Bulletin-XRX25-003-for-Xerox%C2%AE-for-VersaLinkPhaser-and-WorkCentre.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "LDAP Authentication Sever Pass-back attack",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "10b61619-3869-496c-8a1e-f291b0e71e3f",
"assignerShortName": "Xerox",
"cveId": "CVE-2024-12510",
"datePublished": "2025-02-03T18:52:16.942Z",
"dateReserved": "2024-12-11T13:24:56.453Z",
"dateUpdated": "2025-02-27T14:56:42.166Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Strategy: Libraries or Frameworks
Use an authentication framework or library such as the OWASP ESAPI Authentication feature.
CAPEC-114: Authentication Abuse
An attacker obtains unauthorized access to an application, service or device either through knowledge of the inherent weaknesses of an authentication mechanism, or by exploiting a flaw in the authentication scheme's implementation. In such an attack an authentication mechanism is functioning but a carefully controlled sequence of events causes the mechanism to grant access to the attacker.
CAPEC-115: Authentication Bypass
An attacker gains access to application, service, or device with the privileges of an authorized or privileged user by evading or circumventing an authentication mechanism. The attacker is therefore able to access protected data without authentication ever having taken place.
CAPEC-151: Identity Spoofing
Identity Spoofing refers to the action of assuming (i.e., taking on) the identity of some other entity (human or non-human) and then using that identity to accomplish a goal. An adversary may craft messages that appear to come from a different principle or use stolen / spoofed authentication credentials.
CAPEC-194: Fake the Source of Data
An adversary takes advantage of improper authentication to provide data or services under a falsified identity. The purpose of using the falsified identity may be to prevent traceability of the provided data or to assume the rights granted to another individual. One of the simplest forms of this attack would be the creation of an email message with a modified "From" field in order to appear that the message was sent from someone other than the actual sender. The root of the attack (in this case the email system) fails to properly authenticate the source and this results in the reader incorrectly performing the instructed action. Results of the attack vary depending on the details of the attack, but common results include privilege escalation, obfuscation of other attacks, and data corruption/manipulation.
CAPEC-22: Exploiting Trust in Client
An attack of this type exploits vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by communicating directly with the server where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
CAPEC-57: Utilizing REST's Trust in the System Resource to Obtain Sensitive Data
This attack utilizes a REST(REpresentational State Transfer)-style applications' trust in the system resources and environment to obtain sensitive data once SSL is terminated.
CAPEC-593: Session Hijacking
This type of attack involves an adversary that exploits weaknesses in an application's use of sessions in performing authentication. The adversary is able to steal or manipulate an active session and use it to gain unathorized access to the application.
CAPEC-633: Token Impersonation
An adversary exploits a weakness in authentication to create an access token (or equivalent) that impersonates a different entity, and then associates a process/thread to that that impersonated token. This action causes a downstream user to make a decision or take action that is based on the assumed identity, and not the response that blocks the adversary.
CAPEC-650: Upload a Web Shell to a Web Server
By exploiting insufficient permissions, it is possible to upload a web shell to a web server in such a way that it can be executed remotely. This shell can have various capabilities, thereby acting as a "gateway" to the underlying web server. The shell might execute at the higher permission level of the web server, providing the ability the execute malicious code at elevated levels.
CAPEC-94: Adversary in the Middle (AiTM)
An adversary targets the communication between two components (typically client and server), in order to alter or obtain data from transactions. A general approach entails the adversary placing themself within the communication channel between the two components.