CWE-287
DiscouragedImproper Authentication
Abstraction: Class · Status: Draft
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
5966 vulnerabilities reference this CWE, most recent first.
CVE-2026-4592 (GCVE-0-2026-4592)
Vulnerability from cvelistv5 – Published: 2026-03-23 15:56 – Updated: 2026-03-23 17:51- CWE-287 - Improper Authentication
| URL | Tags |
|---|---|
| https://vuldb.com/?id.352428 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.352428 | signaturepermissions-required |
| https://vuldb.com/?submit.775471 | third-party-advisory |
| https://vulnplus-note.wetolink.com/share/S6CMNnndYUXU | broken-linkexploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4592",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T17:43:26.713196Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T17:51:46.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Password Login"
],
"product": "kodbox",
"vendor": "kalcaddle",
"versions": [
{
"status": "affected",
"version": "1.64"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "vulnplusbot (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in kalcaddle kodbox 1.64. This impacts the function loginAfter/tfaVerify of the file /workspace/source-code/plugins/client/controller/tfa/index.class.php of the component Password Login. The manipulation leads to improper authentication. The attack is possible to be carried out remotely. The attack is considered to have high complexity. The exploitability is said to be difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.1,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T15:56:44.699Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-352428 | kalcaddle kodbox Password Login index.class.php tfaVerify improper authentication",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.352428"
},
{
"name": "VDB-352428 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.352428"
},
{
"name": "Submit #775471 | Kodbox 1.64 Incorrect Authorization",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.775471"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://vulnplus-note.wetolink.com/share/S6CMNnndYUXU"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-22T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-22T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-22T12:45:46.000Z",
"value": "VulDB entry last update"
}
],
"title": "kalcaddle kodbox Password Login index.class.php tfaVerify improper authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4592",
"datePublished": "2026-03-23T15:56:44.699Z",
"dateReserved": "2026-03-22T11:40:32.961Z",
"dateUpdated": "2026-03-23T17:51:46.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4587 (GCVE-0-2026-4587)
Vulnerability from cvelistv5 – Published: 2026-03-23 12:46 – Updated: 2026-03-23 13:46| URL | Tags |
|---|---|
| https://vuldb.com/?id.352423 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.352423 | signaturepermissions-required |
| https://vuldb.com/?submit.775463 | third-party-advisory |
| https://github.com/hybridauth/hybridauth/issues/1444 | issue-tracking |
| https://github.com/hybridauth/hybridauth/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | HybridAuth |
Affected:
3.12.0
Affected: 3.12.1 Affected: 3.12.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4587",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T13:45:57.272076Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T13:46:08.559Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"SSL Handler"
],
"product": "HybridAuth",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.12.0"
},
{
"status": "affected",
"version": "3.12.1"
},
{
"status": "affected",
"version": "3.12.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "jstyles (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in HybridAuth up to 3.12.2. This issue affects some unknown processing of the file src/HttpClient/Curl.php of the component SSL Handler. The manipulation of the argument curlOptions results in improper certificate validation. The attack can be launched remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T12:46:46.054Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-352423 | HybridAuth SSL Curl.php certificate validation",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.352423"
},
{
"name": "VDB-352423 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.352423"
},
{
"name": "Submit #775463 | hybridauth \u003e2.2.0 Improper Certificate Validation (CWE-295)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.775463"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/hybridauth/hybridauth/issues/1444"
},
{
"tags": [
"product"
],
"url": "https://github.com/hybridauth/hybridauth/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-22T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-22T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-22T10:45:06.000Z",
"value": "VulDB entry last update"
}
],
"title": "HybridAuth SSL Curl.php certificate validation"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4587",
"datePublished": "2026-03-23T12:46:46.054Z",
"dateReserved": "2026-03-22T09:39:56.778Z",
"dateUpdated": "2026-03-23T13:46:08.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4583 (GCVE-0-2026-4583)
Vulnerability from cvelistv5 – Published: 2026-03-23 10:31 – Updated: 2026-03-25 14:04| URL | Tags |
|---|---|
| https://vuldb.com/?id.352420 | vdb-entry |
| https://vuldb.com/?ctiid.352420 | signaturepermissions-required |
| https://vuldb.com/?submit.775434 | third-party-advisory |
| https://github.com/Davim09/m6plusexploit/blob/mai… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Shenzhen HCC Technology | MPOS M6 PLUS |
Affected:
1V.31-N
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4583",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T14:04:29.007542Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T14:04:39.752Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Bluetooth Handler"
],
"product": "MPOS M6 PLUS",
"vendor": "Shenzhen HCC Technology",
"versions": [
{
"status": "affected",
"version": "1V.31-N"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "davimo (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. Affected by this issue is some unknown functionality of the component Bluetooth Handler. Performing a manipulation results in authentication bypass by capture-replay. The attack must originate from the local network. The attack is considered to have high complexity. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-294",
"description": "Authentication Bypass by Capture-replay",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T10:31:32.192Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-352420 | Shenzhen HCC Technology MPOS M6 PLUS Bluetooth authentication replay",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.352420"
},
{
"name": "VDB-352420 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.352420"
},
{
"name": "Submit #775434 | Shenzhen HCC Technology Co., Ltd M6PLUS MPOS M6PLUS-FW-1V.31-N Missing Anti-Replay Protection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.775434"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Davim09/m6plusexploit/blob/main/docs/CVE-2-Replay.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-22T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-22T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-22T10:04:13.000Z",
"value": "VulDB entry last update"
}
],
"title": "Shenzhen HCC Technology MPOS M6 PLUS Bluetooth authentication replay"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4583",
"datePublished": "2026-03-23T10:31:32.192Z",
"dateReserved": "2026-03-22T08:59:02.251Z",
"dateUpdated": "2026-03-25T14:04:39.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4582 (GCVE-0-2026-4582)
Vulnerability from cvelistv5 – Published: 2026-03-23 09:33 – Updated: 2026-04-18 03:37| URL | Tags |
|---|---|
| https://vuldb.com/vuln/352419 | vdb-entry |
| https://vuldb.com/vuln/352419/cti | signaturepermissions-required |
| https://vuldb.com/submit/775433 | third-party-advisory |
| https://github.com/Davim09/m6plusexploit/blob/mai… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Shenzhen HCC Technology | MPOS M6 PLUS |
Affected:
1V.31-N
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4582",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T11:26:35.366868Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T11:28:45.335Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Bluetooth"
],
"product": "MPOS M6 PLUS",
"vendor": "Shenzhen HCC Technology",
"versions": [
{
"status": "affected",
"version": "1V.31-N"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "davimo (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. Affected by this vulnerability is an unknown functionality of the component Bluetooth. Such manipulation leads to missing authentication. The attack must be carried out from within the local network. Attacks of this nature are highly complex. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-18T03:37:10.133Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-352419 | Shenzhen HCC Technology MPOS M6 PLUS Bluetooth missing authentication",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/352419"
},
{
"name": "VDB-352419 | CTI Indicators (IOB, IOC)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/352419/cti"
},
{
"name": "Submit #775433 | Shenzhen HCC Technology Co., Ltd M6PLUS MPOS M6PLUS-FW-1V.31-N Missing Cryptographic Authentication",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/775433"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Davim09/m6plusexploit/blob/main/docs/CVE-1-Authentication.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-22T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-22T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-23T12:12:52.000Z",
"value": "VulDB entry last update"
}
],
"title": "Shenzhen HCC Technology MPOS M6 PLUS Bluetooth missing authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4582",
"datePublished": "2026-03-23T09:33:21.271Z",
"dateReserved": "2026-03-22T08:58:54.529Z",
"dateUpdated": "2026-04-18T03:37:10.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4562 (GCVE-0-2026-4562)
Vulnerability from cvelistv5 – Published: 2026-03-22 23:09 – Updated: 2026-03-23 11:56| URL | Tags |
|---|---|
| https://vuldb.com/?id.352399 | vdb-entry |
| https://vuldb.com/?ctiid.352399 | signaturepermissions-required |
| https://vuldb.com/?submit.775039 | third-party-advisory |
| https://github.com/HuajiHD/CVE/issues/9 | exploitissue-tracking |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4562",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T11:56:08.503408Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T11:56:22.907Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:maccms:maccms:*:*:*:*:*:*:*:*"
],
"modules": [
"Timming API Endpoint"
],
"product": "MacCMS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2025.1000.4052"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "HuajiHD (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in MacCMS 2025.1000.4052. This affects an unknown part of the file application/api/controller/Timming.php of the component Timming API Endpoint. The manipulation results in missing authentication. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-22T23:09:08.900Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-352399 | MacCMS Timming API Endpoint Timming.php weak authentication",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.352399"
},
{
"name": "VDB-352399 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.352399"
},
{
"name": "Submit #775039 | Maccms MacCMS 2025.1000.4052 Missing Authentication",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.775039"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/HuajiHD/CVE/issues/9"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-22T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-22T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-22T09:25:31.000Z",
"value": "VulDB entry last update"
}
],
"title": "MacCMS Timming API Endpoint Timming.php weak authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4562",
"datePublished": "2026-03-22T23:09:08.900Z",
"dateReserved": "2026-03-22T08:20:15.860Z",
"dateUpdated": "2026-03-23T11:56:22.907Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4476 (GCVE-0-2026-4476)
Vulnerability from cvelistv5 – Published: 2026-03-20 06:32 – Updated: 2026-03-20 18:07| URL | Tags |
|---|---|
| https://vuldb.com/?id.351766 | vdb-entry |
| https://vuldb.com/?ctiid.351766 | signaturepermissions-required |
| https://vuldb.com/?submit.773070 | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Yi Technology | YI Home Camera |
Affected:
2 2.1.1_20171024151200
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4476",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-20T17:37:58.796687Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T18:07:48.438Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"CGI Endpoint"
],
"product": "YI Home Camera",
"vendor": "Yi Technology",
"versions": [
{
"status": "affected",
"version": "2 2.1.1_20171024151200"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "0rbitingZer0 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Yi Technology YI Home Camera 2 2.1.1_20171024151200. The impacted element is an unknown function of the file home/web/ipc of the component CGI Endpoint. Performing a manipulation results in missing authentication. Access to the local network is required for this attack. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T06:32:10.497Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351766 | Yi Technology YI Home Camera CGI Endpoint ipc missing authentication",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.351766"
},
{
"name": "VDB-351766 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351766"
},
{
"name": "Submit #773070 | yitechnology YI Home Camera 2 2.1.1_20171024151200 Unauthenticated-CGI-Endpoints",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.773070"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-19T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-19T21:51:39.000Z",
"value": "VulDB entry last update"
}
],
"title": "Yi Technology YI Home Camera CGI Endpoint ipc missing authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4476",
"datePublished": "2026-03-20T06:32:10.497Z",
"dateReserved": "2026-03-19T20:46:23.654Z",
"dateUpdated": "2026-03-20T18:07:48.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4349 (GCVE-0-2026-4349)
Vulnerability from cvelistv5 – Published: 2026-03-17 21:32 – Updated: 2026-03-25 10:56 Unsupported When Assigned- CWE-287 - Improper Authentication
| URL | Tags |
|---|---|
| https://vuldb.com/?id.351380 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.351380 | signaturepermissions-required |
| https://vuldb.com/?submit.772071 | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Duende | IdentityServer4 |
Affected:
4.1.0
Affected: 4.1.1 Affected: 4.1.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4349",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-18T19:59:03.230542Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-18T19:59:09.789Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Token Renewal Endpoint"
],
"product": "IdentityServer4",
"vendor": "Duende",
"versions": [
{
"status": "affected",
"version": "4.1.0"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.1.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Edcarlos (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in Duende IdentityServer4 up to 4.1.2. The affected element is an unknown function of the file /connect/authorize of the component Token Renewal Endpoint. This manipulation of the argument id_token_hint causes improper authentication. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is described as difficult. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.1,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P/E:ND/RL:ND/RC:ND",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T10:56:05.955Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351380 | Duende IdentityServer4 Token Renewal Endpoint authorize improper authentication",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351380"
},
{
"name": "VDB-351380 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351380"
},
{
"name": "Submit #772071 | DuendeSoftware Identity Server 4 Authentication Bypass Issues",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.772071"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-17T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-17T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-25T12:00:53.000Z",
"value": "VulDB entry last update"
}
],
"title": "Duende IdentityServer4 Token Renewal Endpoint authorize improper authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4349",
"datePublished": "2026-03-17T21:32:11.670Z",
"dateReserved": "2026-03-17T17:03:17.392Z",
"dateUpdated": "2026-03-25T10:56:05.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4252 (GCVE-0-2026-4252)
Vulnerability from cvelistv5 – Published: 2026-03-16 16:32 – Updated: 2026-03-16 18:07| URL | Tags |
|---|---|
| https://vuldb.com/?id.351210 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.351210 | signaturepermissions-required |
| https://vuldb.com/?submit.771759 | third-party-advisory |
| https://github.com/digitalandrew/tenda_ac8_v5/blo… | exploit |
| https://www.tenda.com.cn/ | product |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4252",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T18:07:31.177772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T18:07:41.022Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:tenda:ac8_firmware:*:*:*:*:*:*:*:*"
],
"modules": [
"IPv6 Handler"
],
"product": "AC8",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "16.03.50.11"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "DigitalAndrew (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in Tenda AC8 16.03.50.11. Affected by this issue is the function check_is_ipv6 of the component IPv6 Handler. The manipulation leads to reliance on ip address for authentication. It is possible to initiate the attack remotely. The exploit is publicly available and might be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 10,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:W/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-291",
"description": "Reliance on IP Address for Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T16:32:10.508Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351210 | Tenda AC8 IPv6 check_is_ipv6 ip address for authentication",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351210"
},
{
"name": "VDB-351210 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351210"
},
{
"name": "Submit #771759 | Tenda AC8 V5 V16.03.50.11 Authentication Bypass Issues",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.771759"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/digitalandrew/tenda_ac8_v5/blob/main/poc_ipv6_auth_bypass.py"
},
{
"tags": [
"product"
],
"url": "https://www.tenda.com.cn/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-16T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-16T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-16T07:21:15.000Z",
"value": "VulDB entry last update"
}
],
"title": "Tenda AC8 IPv6 check_is_ipv6 ip address for authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4252",
"datePublished": "2026-03-16T16:32:10.508Z",
"dateReserved": "2026-03-16T06:16:02.051Z",
"dateUpdated": "2026-03-16T18:07:41.022Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4187 (GCVE-0-2026-4187)
Vulnerability from cvelistv5 – Published: 2026-03-15 19:02 – Updated: 2026-03-16 20:14| URL | Tags |
|---|---|
| https://vuldb.com/?id.351093 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.351093 | signaturepermissions-required |
| https://vuldb.com/?submit.769931 | third-party-advisory |
| https://my.feishu.cn/docx/Vc4QdU5KNoMF57xxubOcBwP… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Tiandy | Easy7 Integrated Management Platform |
Affected:
7.17.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4187",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T20:14:16.947928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T20:14:36.584Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Device Identifier Handler"
],
"product": "Easy7 Integrated Management Platform",
"vendor": "Tiandy",
"versions": [
{
"status": "affected",
"version": "7.17.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "0menc (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing authentication. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T19:02:17.513Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351093 | Tiandy Easy7 Integrated Management Platform Device Identifier UpdateLocalDevInfo.jsp missing authentication",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351093"
},
{
"name": "VDB-351093 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351093"
},
{
"name": "Submit #769931 | Tiandy Technologies Co., Ltd. Easy7 Integrated Management Platform 7.17.0 Missing Authentication",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769931"
},
{
"tags": [
"exploit"
],
"url": "https://my.feishu.cn/docx/Vc4QdU5KNoMF57xxubOcBwPSnqf?from=from_copylink"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-14T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-14T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-14T23:30:23.000Z",
"value": "VulDB entry last update"
}
],
"title": "Tiandy Easy7 Integrated Management Platform Device Identifier UpdateLocalDevInfo.jsp missing authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4187",
"datePublished": "2026-03-15T19:02:17.513Z",
"dateReserved": "2026-03-14T22:25:16.879Z",
"dateUpdated": "2026-03-16T20:14:36.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4101 (GCVE-0-2026-4101)
Vulnerability from cvelistv5 – Published: 2026-04-01 20:35 – Updated: 2026-04-03 13:02- CWE-287 - Improper Authentication
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7268253 | vendor-advisorypatch |
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Verify Identity Access Container |
Affected:
11.0 , ≤ 11.0.2
(semver)
cpe:2.3:a:ibm:verify_identity_access_container:11.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:verify_identity_access_container:11.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:verify_identity_access_container:11.0.2:*:*:*:*:*:*:* |
|
| IBM | Security Verify Access Container |
Affected:
10.0 , ≤ 10.0.9.1
(semver)
cpe:2.3:a:ibm:security_verify_access_container:10.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:security_verify_access_container:10.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:security_verify_access_container:10.0.9.1:*:*:*:*:*:*:* |
|
| IBM | Verify Identity Access |
Affected:
11.0 , ≤ 11.0.2
(semver)
cpe:2.3:a:ibm:verify_identity_access:11.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:verify_identity_access:11.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:verify_identity_access:11.0.2:*:*:*:*:*:*:* |
|
| IBM | Security Verify Access |
Affected:
10.0 , ≤ 10.0.9.1
(semver)
cpe:2.3:a:ibm:security_verify_access:10.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:security_verify_access:10.0.9.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4101",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-03T03:55:32.917849Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-03T13:02:16.369Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:verify_identity_access_container:11.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:verify_identity_access_container:11.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:verify_identity_access_container:11.0.2:*:*:*:*:*:*:*"
],
"product": "Verify Identity Access Container",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "11.0.2",
"status": "affected",
"version": "11.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:ibm:security_verify_access_container:10.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:security_verify_access_container:10.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:security_verify_access_container:10.0.9.1:*:*:*:*:*:*:*"
],
"product": "Security Verify Access Container",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "10.0.9.1",
"status": "affected",
"version": "10.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:ibm:verify_identity_access:11.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:verify_identity_access:11.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:verify_identity_access:11.0.2:*:*:*:*:*:*:*"
],
"product": "Verify Identity Access",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "11.0.2",
"status": "affected",
"version": "11.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:ibm:security_verify_access:10.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:security_verify_access:10.0.9.1:*:*:*:*:*:*:*"
],
"product": "Security Verify Access",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "10.0.9.1",
"status": "affected",
"version": "10.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 under certain load conditions could allow an attacker to bypass authentication mechanisms and gain unauthorized access to the application.\u003c/p\u003e"
}
],
"value": "IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 under certain load conditions could allow an attacker to bypass authentication mechanisms and gain unauthorized access to the application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T20:35:56.948Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7268253"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cstrong\u003eIBM encourages customers to update their systems promptly.\u003c/strong\u003e\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eAppliance:\u0026nbsp;\u003c/strong\u003e\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cstrong\u003eAffected Products and Versions\u003c/strong\u003e\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003cstrong\u003eFix availability\u003c/strong\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Verify Identity Access 11.0 - 11.0.2\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Verify+Identity+Access\u0026amp;fixids=11.0.2.0-ISS-IVIA-IF0001\u0026amp;source=SAR\" rel=\"nofollow\"\u003eDownload IBM Verify Identity Access v11.0.2 IF1\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Security Verify Access 10.0 - 10.0.9.1\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Security+Verify+Access\u0026amp;fixids=10.0.9.1-ISS-ISVA-IF0001\u0026amp;source=SAR\" rel=\"nofollow\"\u003eDownload IBM Security Verify Access v10.0.9.1 IF1\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/thead\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e"
}
],
"value": "IBM encourages customers to update their systems promptly.\n\n\u00a0\n\nAppliance:\u00a0\n\nAffected Products and Versions\n\nFix availability\n\nIBM Verify Identity Access 11.0 - 11.0.2\n\n Download IBM Verify Identity Access v11.0.2 IF1 https://www.ibm.com/support/fixcentral/quickorder \n\nIBM Security Verify Access 10.0 - 10.0.9.1\n\n Download IBM Security Verify Access v10.0.9.1 IF1 https://www.ibm.com/support/fixcentral/quickorder"
}
],
"title": "Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access",
"x_generator": {
"engine": "ibm-cvegen"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2026-4101",
"datePublished": "2026-04-01T20:35:56.948Z",
"dateReserved": "2026-03-13T00:33:07.564Z",
"dateUpdated": "2026-04-03T13:02:16.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Strategy: Libraries or Frameworks
Use an authentication framework or library such as the OWASP ESAPI Authentication feature.
CAPEC-114: Authentication Abuse
An attacker obtains unauthorized access to an application, service or device either through knowledge of the inherent weaknesses of an authentication mechanism, or by exploiting a flaw in the authentication scheme's implementation. In such an attack an authentication mechanism is functioning but a carefully controlled sequence of events causes the mechanism to grant access to the attacker.
CAPEC-115: Authentication Bypass
An attacker gains access to application, service, or device with the privileges of an authorized or privileged user by evading or circumventing an authentication mechanism. The attacker is therefore able to access protected data without authentication ever having taken place.
CAPEC-151: Identity Spoofing
Identity Spoofing refers to the action of assuming (i.e., taking on) the identity of some other entity (human or non-human) and then using that identity to accomplish a goal. An adversary may craft messages that appear to come from a different principle or use stolen / spoofed authentication credentials.
CAPEC-194: Fake the Source of Data
An adversary takes advantage of improper authentication to provide data or services under a falsified identity. The purpose of using the falsified identity may be to prevent traceability of the provided data or to assume the rights granted to another individual. One of the simplest forms of this attack would be the creation of an email message with a modified "From" field in order to appear that the message was sent from someone other than the actual sender. The root of the attack (in this case the email system) fails to properly authenticate the source and this results in the reader incorrectly performing the instructed action. Results of the attack vary depending on the details of the attack, but common results include privilege escalation, obfuscation of other attacks, and data corruption/manipulation.
CAPEC-22: Exploiting Trust in Client
An attack of this type exploits vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by communicating directly with the server where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
CAPEC-57: Utilizing REST's Trust in the System Resource to Obtain Sensitive Data
This attack utilizes a REST(REpresentational State Transfer)-style applications' trust in the system resources and environment to obtain sensitive data once SSL is terminated.
CAPEC-593: Session Hijacking
This type of attack involves an adversary that exploits weaknesses in an application's use of sessions in performing authentication. The adversary is able to steal or manipulate an active session and use it to gain unathorized access to the application.
CAPEC-633: Token Impersonation
An adversary exploits a weakness in authentication to create an access token (or equivalent) that impersonates a different entity, and then associates a process/thread to that that impersonated token. This action causes a downstream user to make a decision or take action that is based on the assumed identity, and not the response that blocks the adversary.
CAPEC-650: Upload a Web Shell to a Web Server
By exploiting insufficient permissions, it is possible to upload a web shell to a web server in such a way that it can be executed remotely. This shell can have various capabilities, thereby acting as a "gateway" to the underlying web server. The shell might execute at the higher permission level of the web server, providing the ability the execute malicious code at elevated levels.
CAPEC-94: Adversary in the Middle (AiTM)
An adversary targets the communication between two components (typically client and server), in order to alter or obtain data from transactions. A general approach entails the adversary placing themself within the communication channel between the two components.