CWE-288
Authentication Bypass Using an Alternate Path or Channel
The product requires authentication, but the product has an alternate path or channel that does not require authentication.
CVE-2019-13526 (GCVE-0-2019-13526)
Vulnerability from cvelistv5 – Published: 2019-08-29 22:48 – Updated: 2024-08-04 23:57
VLAI
Summary
Datalogic AV7000 Linear barcode scanner all versions prior to 4.6.0.0 is vulnerable to authentication bypass, which may allow an attacker to remotely execute arbitrary code.
Severity
No CVSS data available.
CWE
- CWE-288 - AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.us-cert.gov/ics/advisories/icsa-19-239-02 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Datalogic AV7000 Linear barcode scanner |
Affected:
all versions prior to 4.6.0.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:39.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-239-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Datalogic AV7000 Linear barcode scanner",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "all versions prior to 4.6.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Datalogic AV7000 Linear barcode scanner all versions prior to 4.6.0.0 is vulnerable to authentication bypass, which may allow an attacker to remotely execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-29T22:48:17.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-239-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-13526",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Datalogic AV7000 Linear barcode scanner",
"version": {
"version_data": [
{
"version_value": "all versions prior to 4.6.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Datalogic AV7000 Linear barcode scanner all versions prior to 4.6.0.0 is vulnerable to authentication bypass, which may allow an attacker to remotely execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-239-02",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-239-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-13526",
"datePublished": "2019-08-29T22:48:17.000Z",
"dateReserved": "2019-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:57:39.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18250 (GCVE-0-2019-18250)
Vulnerability from cvelistv5 – Published: 2019-11-25 23:13 – Updated: 2024-08-05 01:47
VLAI
Summary
In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device.
Severity
No CVSS data available.
CWE
- CWE-288 - AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.us-cert.gov/ics/advisories/icsa-19-318-05 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | ABB Power Generation Information Manager (PGIM) and Plant Connect All Versions |
Affected:
ABB Power Generation Information Manager (PGIM) and Plant Connect All Versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:47:14.143Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-318-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ABB Power Generation Information Manager (PGIM) and Plant Connect All Versions",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ABB Power Generation Information Manager (PGIM) and Plant Connect All Versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-25T23:13:29.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-318-05"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-18250",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ABB Power Generation Information Manager (PGIM) and Plant Connect All Versions",
"version": {
"version_data": [
{
"version_value": "ABB Power Generation Information Manager (PGIM) and Plant Connect All Versions"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-318-05",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-318-05"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-18250",
"datePublished": "2019-11-25T23:13:29.000Z",
"dateReserved": "2019-10-22T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:47:14.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3758 (GCVE-0-2019-3758)
Vulnerability from cvelistv5 – Published: 2019-09-18 22:23 – Updated: 2024-09-16 17:08
VLAI
Summary
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts with insufficient credentials. Unauthenticated attackers could gain unauthorized access to the system using those accounts.
Severity
8.1 (High)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://community.rsa.com/docs/DOC-106759 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | RSA Archer |
Affected:
prior to 6.6 P2 (6.6.0.2)
|
Date Public
2019-08-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:19:18.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.rsa.com/docs/DOC-106759"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RSA Archer",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "prior to 6.6 P2 (6.6.0.2)"
}
]
}
],
"datePublic": "2019-08-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts with insufficient credentials. Unauthenticated attackers could gain unauthorized access to the system using those accounts."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T15:12:36.000Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.rsa.com/docs/DOC-106759"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2019-08-28",
"ID": "CVE-2019-3758",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "RSA Archer",
"version": {
"version_data": [
{
"version_value": "prior to 6.6 P2 (6.6.0.2)"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts with insufficient credentials. Unauthenticated attackers could gain unauthorized access to the system using those accounts."
}
]
},
"impact": {
"cvss": {
"baseScore": 8.1,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-288: Authentication Bypass Using an Alternate Path or Channel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.rsa.com/docs/DOC-106759",
"refsource": "MISC",
"url": "https://community.rsa.com/docs/DOC-106759"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2019-3758",
"datePublished": "2019-09-18T22:23:10.217Z",
"dateReserved": "2019-01-03T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:08:48.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5165 (GCVE-0-2019-5165)
Vulnerability from cvelistv5 – Published: 2020-02-25 15:49 – Updated: 2024-08-04 19:47
VLAI
Summary
An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability.
Severity
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://talosintelligence.com/vulnerability_repor… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:56.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0960"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moxa",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Moxa AWK-3131A Firmware version 1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T17:35:05.000Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0960"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2019-5165",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Moxa",
"version": {
"version_data": [
{
"version_value": "Moxa AWK-3131A Firmware version 1.13"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. An attacker can send authenticated SNMP requests to trigger this vulnerability."
}
]
},
"impact": {
"cvss": {
"baseScore": 8,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-288: Authentication Bypass Using an Alternate Path or Channel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0960",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0960"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2019-5165",
"datePublished": "2020-02-25T15:49:11.000Z",
"dateReserved": "2019-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:47:56.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5451 (GCVE-0-2019-5451)
Vulnerability from cvelistv5 – Published: 2019-07-30 20:33 – Updated: 2024-08-04 19:54
VLAI
Summary
Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time.
Severity
No CVSS data available.
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel (CWE-288)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://hackerone.com/reports/507172 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | com.nextcloud.client |
Affected:
3.6.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/507172"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "com.nextcloud.client",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-30T20:33:47.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/507172"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2019-5451",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "com.nextcloud.client",
"version": {
"version_data": [
{
"version_value": "3.6.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/507172",
"refsource": "MISC",
"url": "https://hackerone.com/reports/507172"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2019-5451",
"datePublished": "2019-07-30T20:33:47.000Z",
"dateReserved": "2019-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:54:53.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5453 (GCVE-0-2019-5453)
Vulnerability from cvelistv5 – Published: 2019-07-30 20:30 – Updated: 2024-08-04 19:54
VLAI
Summary
Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider.
Severity
No CVSS data available.
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel (CWE-288)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://hackerone.com/reports/331489 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nextcloud | com.nextcloud.client |
Affected:
3.3.0
|
Date Public
2019-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/331489"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "com.nextcloud.client",
"vendor": "Nextcloud",
"versions": [
{
"status": "affected",
"version": "3.3.0"
}
]
}
],
"datePublic": "2019-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-30T20:30:50.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/331489"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2019-5453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "com.nextcloud.client",
"version": {
"version_data": [
{
"version_value": "3.3.0"
}
]
}
}
]
},
"vendor_name": "Nextcloud"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/331489",
"refsource": "MISC",
"url": "https://hackerone.com/reports/331489"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2019-5453",
"datePublished": "2019-07-30T20:30:50.000Z",
"dateReserved": "2019-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:54:53.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5455 (GCVE-0-2019-5455)
Vulnerability from cvelistv5 – Published: 2019-07-30 20:26 – Updated: 2024-08-04 19:54
VLAI
Summary
Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process.
Severity
No CVSS data available.
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel (CWE-288)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://hackerone.com/reports/490946 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nextcloud | com.nextcloud.client |
Affected:
3.6.1
|
Date Public
2019-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/490946"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "com.nextcloud.client",
"vendor": "Nextcloud",
"versions": [
{
"status": "affected",
"version": "3.6.1"
}
]
}
],
"datePublic": "2019-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-30T20:26:47.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/490946"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2019-5455",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "com.nextcloud.client",
"version": {
"version_data": [
{
"version_value": "3.6.1"
}
]
}
}
]
},
"vendor_name": "Nextcloud"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/490946",
"refsource": "MISC",
"url": "https://hackerone.com/reports/490946"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2019-5455",
"datePublished": "2019-07-30T20:26:47.000Z",
"dateReserved": "2019-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:54:53.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5473 (GCVE-0-2019-5473)
Vulnerability from cvelistv5 – Published: 2019-09-09 17:49 – Updated: 2024-08-04 19:54
VLAI
Summary
An authentication issue was discovered in GitLab that allowed a bypass of email verification. This was addressed in GitLab 12.1.2 and 12.0.4.
Severity
No CVSS data available.
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel (CWE-288)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://hackerone.com/reports/565883 | x_refsource_MISC |
| https://gitlab.com/gitlab-org/gitlab-ee/issues/11643 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | gitlab.com |
Affected:
Fixed versions 12.1.2 and 12.0.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/565883"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab-ee/issues/11643"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "gitlab.com",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed versions 12.1.2 and 12.0.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authentication issue was discovered in GitLab that allowed a bypass of email verification. This was addressed in GitLab 12.1.2 and 12.0.4."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-09T17:49:52.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/565883"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://gitlab.com/gitlab-org/gitlab-ee/issues/11643"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2019-5473",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "gitlab.com",
"version": {
"version_data": [
{
"version_value": "Fixed versions 12.1.2 and 12.0.4"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An authentication issue was discovered in GitLab that allowed a bypass of email verification. This was addressed in GitLab 12.1.2 and 12.0.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/565883",
"refsource": "MISC",
"url": "https://hackerone.com/reports/565883"
},
{
"name": "https://gitlab.com/gitlab-org/gitlab-ee/issues/11643",
"refsource": "CONFIRM",
"url": "https://gitlab.com/gitlab-org/gitlab-ee/issues/11643"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2019-5473",
"datePublished": "2019-09-09T17:49:52.000Z",
"dateReserved": "2019-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:54:53.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5486 (GCVE-0-2019-5486)
Vulnerability from cvelistv5 – Published: 2019-12-18 20:58 – Updated: 2024-08-04 19:54
VLAI
Summary
A authentication bypass vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed domain restrictions and email verification requirements.
Severity
No CVSS data available.
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel (CWE-288)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://hackerone.com/reports/617896 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | GitLab CE/EE |
Affected:
12.3.2, 12.2.6, and 12.1.10
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.485Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/617896"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "GitLab CE/EE",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "12.3.2, 12.2.6, and 12.1.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A authentication bypass vulnerability exists in GitLab CE/EE \u003cv12.3.2, \u003cv12.2.6, and \u003cv12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed domain restrictions and email verification requirements."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T20:58:42.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/617896"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2019-5486",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "GitLab CE/EE",
"version": {
"version_data": [
{
"version_value": "12.3.2, 12.2.6, and 12.1.10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A authentication bypass vulnerability exists in GitLab CE/EE \u003cv12.3.2, \u003cv12.2.6, and \u003cv12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed domain restrictions and email verification requirements."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/617896",
"refsource": "MISC",
"url": "https://hackerone.com/reports/617896"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2019-5486",
"datePublished": "2019-12-18T20:58:42.000Z",
"dateReserved": "2019-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:54:53.485Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6551 (GCVE-0-2019-6551)
Vulnerability from cvelistv5 – Published: 2019-02-28 21:00 – Updated: 2024-09-16 19:40
VLAI
Summary
Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior allow an attacker to bypass user authentication using a specially crafted URL to cause the device to reboot, which may be used to cause a continual denial-of-service condition.
Severity
No CVSS data available.
CWE
- CWE-288 - AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/107031 | vdb-entryx_refsource_BID |
| https://ics-cert.us-cert.gov/advisories/ICSA-19-045-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ICS-CERT | Pangea Communications Internet FAX ATA |
Affected:
All Versions 3.1.8 and prior
|
Date Public
2019-02-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:22.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "107031",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107031"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-045-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Pangea Communications Internet FAX ATA",
"vendor": "ICS-CERT",
"versions": [
{
"status": "affected",
"version": "All Versions 3.1.8 and prior"
}
]
}
],
"datePublic": "2019-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior allow an attacker to bypass user authentication using a specially crafted URL to cause the device to reboot, which may be used to cause a continual denial-of-service condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-01T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "107031",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107031"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-045-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2019-02-14T00:00:00",
"ID": "CVE-2019-6551",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Pangea Communications Internet FAX ATA",
"version": {
"version_data": [
{
"version_value": "All Versions 3.1.8 and prior"
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior allow an attacker to bypass user authentication using a specially crafted URL to cause the device to reboot, which may be used to cause a continual denial-of-service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "107031",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107031"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-045-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-045-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-6551",
"datePublished": "2019-02-28T21:00:00.000Z",
"dateReserved": "2019-01-22T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:40:09.741Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Description:
- Funnel all access through a single choke point to simplify how users can access a resource. For every access, perform a check to determine if the user has permissions to access the resource.
CAPEC-127: Directory Indexing
An adversary crafts a request to a target that results in the target listing/indexing the content of a directory as output. One common method of triggering directory contents as output is to construct a request containing a path that terminates in a directory name rather than a file name since many applications are configured to provide a list of the directory's contents when such a request is received. An adversary can use this to explore the directory tree on a target as well as learn the names of files. This can often end up revealing test files, backup files, temporary files, hidden files, configuration files, user accounts, script contents, as well as naming conventions, all of which can be used by an attacker to mount additional attacks.
CAPEC-665: Exploitation of Thunderbolt Protection Flaws
An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.