CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apache : Security Vulnerabilities (Bypass)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-9802 79 XSS Bypass 2017-08-14 2017-09-15
4.3
None Remote Medium Not required None Partial None
The Javascript method Sling.evalString() in Apache Sling Servlets Post before 2.3.22 uses the javascript 'eval' function to parse input strings, which allows for XSS attacks by passing specially crafted input strings.
2 CVE-2017-7675 22 Dir. Trav. Bypass 2017-08-10 2017-08-24
5.0
None Remote Low Not required Partial None None
The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 bypassed a number of security checks that prevented directory traversal attacks. It was therefore possible to bypass security constraints using a specially crafted URL.
3 CVE-2017-3167 287 Bypass 2017-06-19 2017-08-29
7.5
None Remote Low Not required Partial Partial Partial
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
4 CVE-2016-6802 284 Bypass 2016-09-20 2016-09-21
5.0
None Remote Low Not required None Partial None
Apache Shiro before 1.3.2 allows attackers to bypass intended servlet filters and gain access by leveraging use of a non-root servlet context path.
5 CVE-2016-6796 254 Bypass 2017-08-10 2017-08-24
5.0
None Remote Low Not required None Partial None
A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet.
6 CVE-2016-6794 200 Bypass +Info 2017-08-10 2017-08-24
5.0
None Remote Low Not required Partial None None
When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible.
7 CVE-2016-5018 254 Bypass 2017-08-10 2017-08-24
5.0
None Remote Low Not required None Partial None
In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications.
8 CVE-2016-4979 284 Bypass 2016-07-06 2017-06-30
5.0
None Remote Low Not required None Partial None
The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not properly recognize the "SSLVerifyClient require" directive for HTTP/2 request authorization, which allows remote attackers to bypass intended access restrictions by leveraging the ability to send multiple requests over a single connection and aborting a renegotiation.
9 CVE-2016-4464 284 Bypass 2016-09-21 2017-07-29
7.5
None Remote Low Not required Partial Partial Partial
The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match SAML AudienceRestriction values against configured audience URIs, which might allow remote attackers to have bypass intended restrictions and have unspecified other impact via a crafted SAML token with a trusted signature.
10 CVE-2016-4460 287 Bypass 2017-08-22 2017-08-29
7.5
None Remote Low Not required Partial Partial Partial
Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication.
11 CVE-2016-4437 284 Exec Code Bypass 2016-06-07 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter.
12 CVE-2016-4433 20 Bypass 2016-07-04 2017-08-08
5.0
None Remote Low Not required None Partial None
Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictions and conduct redirection attacks via a crafted request.
13 CVE-2016-4432 287 Bypass 2016-06-01 2016-11-29
5.0
None Remote Low Not required None Partial None
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging.
14 CVE-2016-4431 20 Bypass 2016-07-04 2017-08-08
5.0
None Remote Low Not required None Partial None
Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictions and conduct redirection attacks by leveraging a default method.
15 CVE-2016-3085 287 Bypass 2016-06-10 2016-06-14
5.8
None Remote Medium Not required Partial Partial None
Apache CloudStack 4.5.x before 4.5.2.1, 4.6.x before 4.6.2.1, 4.7.x before 4.7.1.1, and 4.8.x before 4.8.0.1, when SAML-based authentication is enabled and used, allow remote attackers to bypass authentication and access the user interface via vectors related to the SAML plugin.
16 CVE-2016-2167 284 Bypass 2016-05-05 2017-06-30
4.9
None Remote Medium Single system Partial Partial None
The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string.
17 CVE-2016-0763 264 DoS Bypass 2016-02-24 2017-06-30
6.5
None Remote Low Single system Partial Partial Partial
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context.
18 CVE-2016-0735 264 Bypass 2016-04-11 2016-04-19
6.5
None Remote Low Single system Partial Partial Partial
Apache Ranger 0.5.x before 0.5.2 allows remote authenticated users to bypass intended parent resource-level access restrictions by leveraging mishandling of a resource-level exclude policy.
19 CVE-2016-0733 287 Bypass 2016-04-12 2016-04-18
7.5
None Remote Low Not required Partial Partial Partial
The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a password, which allows remote attackers to bypass authentication by leveraging knowledge of a valid username.
20 CVE-2016-0714 264 Exec Code Bypass 2016-02-24 2017-07-25
6.5
None Remote Low Single system Partial Partial Partial
The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session.
21 CVE-2016-0706 200 Bypass +Info 2016-02-24 2017-06-30
4.0
None Remote Low Single system Partial None None
Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users to bypass intended SecurityManager restrictions and read arbitrary HTTP requests, and consequently discover session ID values, via a crafted web application.
22 CVE-2015-7521 287 Bypass 2016-01-29 2016-12-05
7.5
None Remote Low Not required Partial Partial Partial
The authorization framework in Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.2.0 and 1.2.1, on clusters protected by Ranger and SqlStdHiveAuthorization, allows attackers to bypass intended parent table access restrictions via unspecified partition-level operations.
23 CVE-2015-5351 352 Bypass CSRF 2016-02-24 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token.
24 CVE-2015-5256 264 Bypass 2015-11-23 2016-12-07
4.3
None Remote Medium Not required None Partial None
Apache Cordova-Android before 4.1.0, when an application relies on a remote server, improperly implements a JavaScript whitelist protection mechanism, which allows attackers to bypass intended access restrictions via a crafted URI.
25 CVE-2015-5253 264 Bypass 2015-11-18 2016-12-02
4.0
None Remote Low Single system None Partial None
The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a "wrapping attack."
26 CVE-2015-5207 284 Bypass 2016-05-09 2016-11-30
7.5
None Remote Low Not required Partial Partial Partial
Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL whitelist protection mechanism in an app and load arbitrary resources by leveraging unspecified methods.
27 CVE-2015-5174 22 Dir. Trav. Bypass 2016-02-24 2017-06-30
4.0
None Remote Low Single system Partial None None
Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call, as demonstrated by the $CATALINA_BASE/webapps directory.
28 CVE-2015-5167 264 Bypass 2016-04-12 2016-04-13
4.0
None Remote Low Single system None Partial None
The Policy Admin Tool in Apache Ranger before 0.5.1 allows remote authenticated users to bypass intended access restrictions via the REST API.
29 CVE-2015-3185 264 Bypass 2015-07-20 2016-12-23
4.3
None Remote Medium Not required None Partial None
The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging the presence of a module that relies on the 2.2 API behavior.
30 CVE-2015-1772 287 Bypass 2015-12-21 2017-03-23
4.3
None Remote Medium Not required None Partial None
The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and 1.1.x before 1.1.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, mishandles simple unauthenticated and anonymous bind configurations, which allows remote attackers to bypass authentication via a crafted LDAP request.
31 CVE-2015-0899 20 Bypass 2016-07-04 2016-11-28
5.0
None Remote Low Not required None Partial None
The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter.
32 CVE-2015-0266 264 Bypass 2016-04-11 2016-04-13
6.5
None Remote Low Single system Partial Partial Partial
The Policy Admin Tool in Apache Ranger before 0.5.0 allows remote authenticated users to bypass intended access restrictions via direct access to module URLs.
33 CVE-2015-0227 264 Bypass 2015-02-12 2017-09-07
5.0
None Remote Low Not required None Partial None
Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks."
34 CVE-2015-0223 264 Bypass 2015-02-02 2015-02-04
5.0
None Remote Low Not required None Partial None
Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access restrictions on qpidd via unknown vectors, related to 0-10 connection handling.
35 CVE-2014-8152 254 Bypass 2015-01-21 2017-09-07
5.0
None Remote Low Not required None Partial None
Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows remote attackers to bypass the streaming XML signature protection mechanism via a crafted XML document.
36 CVE-2014-8109 264 Bypass 2014-12-29 2016-12-30
4.3
None Remote Medium Not required None Partial None
mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a second group to access a second directory.
37 CVE-2014-7810 284 Bypass 2015-06-07 2016-12-30
5.0
None Remote Low Not required None Partial None
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
38 CVE-2014-7809 352 Bypass CSRF 2014-12-10 2016-10-25
6.8
None Remote Medium Not required Partial Partial Partial
Apache Struts 2.0.0 through 2.3.x before 2.3.20 uses predictable <s:token/> values, which allows remote attackers to bypass the CSRF protection mechanism.
39 CVE-2014-7807 287 Bypass 2014-12-10 2017-01-02
5.0
None Remote Low Not required None Partial None
Apache CloudStack 4.3.x before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to bypass authentication via a login request without a password, which triggers an unauthenticated bind.
40 CVE-2014-3612 287 Bypass 2015-08-24 2016-05-19
7.5
None Remote Low Not required Partial Partial Partial
The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind. NOTE: this identifier has been SPLIT per ADT2 due to different vulnerability types. See CVE-2015-6524 for the use of wildcard operators in usernames.
41 CVE-2014-3501 254 Bypass 2014-11-15 2014-11-17
4.3
None Remote Medium Not required None Partial None
Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView.
42 CVE-2014-1884 264 Bypass 2014-03-02 2014-03-03
7.5
None Remote Low Not required Partial Partial Partial
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or (2) with the XMLHttpRequest method by a crafted application.
43 CVE-2014-1882 264 Bypass 2014-03-02 2014-03-03
7.5
None Remote Low Not required Partial Partial Partial
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated by certain cordova.require calls.
44 CVE-2014-1881 264 Bypass 2014-03-02 2014-03-03
7.5
None Remote Low Not required Partial Partial Partial
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler return value as an alternative to correct synchronization.
45 CVE-2014-0107 264 Bypass 2014-04-15 2017-09-09
7.5
None Remote Low Not required Partial Partial Partial
The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.
46 CVE-2014-0096 264 Bypass 2014-05-31 2017-01-06
4.3
None Remote Medium Not required Partial None None
java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
47 CVE-2014-0074 287 Bypass 2014-10-06 2014-10-07
7.5
None Remote Low Not required Partial Partial Partial
Apache Shiro 1.x before 1.2.3, when using an LDAP server with unauthenticated bind enabled, allows remote attackers to bypass authentication via an empty (1) username or (2) password.
48 CVE-2014-0050 264 DoS Bypass 2014-04-01 2017-02-16
7.5
None Remote Low Not required Partial Partial Partial
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.
49 CVE-2013-6398 264 Bypass 2014-01-15 2014-09-04
2.8
None Remote Medium Multiple systems Partial None None
The virtual router in Apache CloudStack before 4.2.1 does not preserve the source restrictions in firewall rules after being restarted, which allows remote attackers to bypass intended restrictions via a request.
50 CVE-2013-5704 264 Bypass 2014-04-15 2017-01-06
5.0
None Remote Low Not required None Partial None
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."
Total number of vulnerabilities : 112   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.