CWE-290
Authentication Bypass by Spoofing
Description
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Top Monitored CVEs
CVE-2024-4358
CRITICAL
KEV
9.8
97.5%
2024-05-29
CVE-2022-24112
CRITICAL
KEV
9.8
96.2%
2022-02-11
CVE-2022-23131
CRITICAL
KEV
9.8
95.7%
2022-01-13
CVE-2021-29441
CRITICAL
9.8
74.2%
2021-04-27
CVE-2020-7388
CRITICAL
9.8
70.3%
2021-07-22
CVE-2024-54085
CRITICAL
KEV
9.8
61.2%
2025-03-11
CVE-2021-34646
CRITICAL
9.8
50.9%
2021-08-30
CVE-2023-50224
MEDIUM
KEV
6.5
17.4%
2024-05-03
CVE-2024-12108
CRITICAL
9.6
6.8%
2024-12-31
CVE-2022-39227
CRITICAL
9.1
3.7%
2022-09-23
Consequences
Access Control
—
Bypass Protection Mechanism, Gain Privileges or Assume Identity
This weakness can allow an attacker to access resources which are not otherwise accessible without proper authentication.