Common Weakness Enumeration

CWE-603

Allowed

Use of Client-Side Authentication

Abstraction: Base · Status: Draft

A client/server product performs authentication within client code but not in server code, allowing server-side authentication to be bypassed via a modified client that omits the authentication check.

41 vulnerabilities reference this CWE, most recent first.

GHSA-HRXV-HVCR-JJ9X

Vulnerability from github – Published: 2025-03-31 06:30 – Updated: 2025-03-31 06:30
VLAI
Details

Use of client-side authentication issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, a remote attacker may obtain the product login password without authentication.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-24517"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-603"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-31T05:15:15Z",
    "severity": "HIGH"
  },
  "details": "Use of client-side authentication issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, a remote attacker may obtain the product login password without authentication.",
  "id": "GHSA-hrxv-hvcr-jj9x",
  "modified": "2025-03-31T06:30:26Z",
  "published": "2025-03-31T06:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24517"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/vu/JVNVU91154745"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-084-04"
    },
    {
      "type": "WEB",
      "url": "https://www.inaba.co.jp/files/chocomini_vulnerability.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.nozominetworks.com/blog/unpatched-vulnerabilities-in-production-line-cameras-may-allow-remote-surveillance-hinder-stoppage-recording"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J7P7-W7PR-MWPC

Vulnerability from github – Published: 2026-05-19 15:31 – Updated: 2026-05-19 15:31
VLAI
Details

Sparx Enterprise Architect software has a security feature that limits user's actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior (e.g. using a debugger) and log in as any other user or administrator - then it is possible to do every possible change to the repository.

The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 17.1 and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-42098"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-603"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-19T14:16:42Z",
    "severity": "HIGH"
  },
  "details": "Sparx Enterprise Architect software has a security feature that limits user\u0027s actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect  client behavior (e.g. using a debugger) and log in as any other user or administrator - then it is possible to do every possible change to the repository.\n\nThe vendor was notified early about this vulnerability, but didn\u0027t respond with the details of vulnerability or vulnerable version range. Only version 17.1 and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.",
  "id": "GHSA-j7p7-w7pr-mwpc",
  "modified": "2026-05-19T15:31:29Z",
  "published": "2026-05-19T15:31:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42098"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/en/posts/2026/05/CVE-2026-42096"
    },
    {
      "type": "WEB",
      "url": "https://efigo.pl/blog/CVE-2026-42096"
    },
    {
      "type": "WEB",
      "url": "https://sparxsystems.com/products/ea"
    },
    {
      "type": "WEB",
      "url": "https://sploit.tech/2026/05/19/Sparx-Enterprise-Architect-PCS.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-M839-8XGR-VQHM

Vulnerability from github – Published: 2025-12-02 21:31 – Updated: 2025-12-02 21:31
VLAI
Details

NMIS/BioDose V22.02 and previous versions rely on a common SQL Server user account to access data in the database. User access in the client application is restricted by a password authentication check in the client software but the underlying database connection always has access. The latest version of NMIS/BioDose introduces an option to use Windows user authentication with the database, which would restrict this database connection.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-61940"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-603"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-02T21:15:51Z",
    "severity": "HIGH"
  },
  "details": "NMIS/BioDose V22.02 and previous versions rely on a common SQL Server user account to access data in the database. User access in the client application is restricted by a password authentication check in the client software but the underlying database connection always has access. The latest version of NMIS/BioDose introduces an option to use Windows user authentication with the database, which would restrict this database connection.",
  "id": "GHSA-m839-8xgr-vqhm",
  "modified": "2025-12-02T21:31:30Z",
  "published": "2025-12-02T21:31:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61940"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-336-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-MP39-4PH2-875C

Vulnerability from github – Published: 2024-04-23 15:30 – Updated: 2024-07-03 18:36
VLAI
Details

An issue in Flipsnack v.18/03/2024 allows a local attacker to obtain sensitive information via the reader.gz.js file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-28627"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-603"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-23T14:15:08Z",
    "severity": "HIGH"
  },
  "details": "An issue in Flipsnack v.18/03/2024 allows a local attacker to obtain sensitive information via the reader.gz.js file.",
  "id": "GHSA-mp39-4ph2-875c",
  "modified": "2024-07-03T18:36:39Z",
  "published": "2024-04-23T15:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28627"
    },
    {
      "type": "WEB",
      "url": "https://labs.integrity.pt/advisories/cve-2024-28627"
    },
    {
      "type": "WEB",
      "url": "https://www.flipsnack.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MQMF-37JQ-C9P6

Vulnerability from github – Published: 2026-01-23 09:30 – Updated: 2026-01-23 09:30
VLAI
Details

IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-1363"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-603"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-23T09:15:47Z",
    "severity": "CRITICAL"
  },
  "details": "IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end.",
  "id": "GHSA-mqmf-37jq-c9p6",
  "modified": "2026-01-23T09:30:29Z",
  "published": "2026-01-23T09:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1363"
    },
    {
      "type": "WEB",
      "url": "https://www.twcert.org.tw/en/cp-139-10653-117a1-2.html"
    },
    {
      "type": "WEB",
      "url": "https://www.twcert.org.tw/tw/cp-132-10652-4cdca-1.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-MXFH-PJ5J-6V79

Vulnerability from github – Published: 2024-06-27 18:31 – Updated: 2024-09-17 18:33
VLAI
Details

TELSAT marKoni FM Transmitters are vulnerable to an attacker bypassing authentication and gaining administrator privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-39375"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-603"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-27T16:15:11Z",
    "severity": "CRITICAL"
  },
  "details": "TELSAT marKoni FM Transmitters are vulnerable to an attacker bypassing authentication and gaining administrator privileges.",
  "id": "GHSA-mxfh-pj5j-6v79",
  "modified": "2024-09-17T18:33:24Z",
  "published": "2024-06-27T18:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39375"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-P6XJ-9VGW-4XP9

Vulnerability from github – Published: 2022-11-23 18:30 – Updated: 2022-11-28 18:30
VLAI
Details

This vulnerability occurs when a web server fails to correctly process the Content-Length of POST requests. This can lead to HTTP request smuggling or XSS.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-38114"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-444",
      "CWE-603"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-23T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "This vulnerability occurs when a web server fails to correctly process the Content-Length of POST requests. This can lead to HTTP request smuggling or XSS.",
  "id": "GHSA-p6xj-9vgw-4xp9",
  "modified": "2022-11-28T18:30:15Z",
  "published": "2022-11-23T18:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38114"
    },
    {
      "type": "WEB",
      "url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2022-4_release_notes.htm"
    },
    {
      "type": "WEB",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38114"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PCRM-W585-FVG9

Vulnerability from github – Published: 2024-10-25 09:32 – Updated: 2024-10-25 09:32
VLAI
Details

MUSASI version 3 contains an issue with use of client-side authentication. If this vulnerability is exploited, other users' credential and sensitive information may be retrieved.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-45785"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-603"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-25T08:15:02Z",
    "severity": "HIGH"
  },
  "details": "MUSASI version 3 contains an issue with use of client-side authentication. If this vulnerability is exploited, other users\u0027 credential and sensitive information may be retrieved.",
  "id": "GHSA-pcrm-w585-fvg9",
  "modified": "2024-10-25T09:32:01Z",
  "published": "2024-10-25T09:32:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45785"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/jp/JVN31982676"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RFWF-H4FR-XR3G

Vulnerability from github – Published: 2026-03-02 12:30 – Updated: 2026-03-09 18:31
VLAI
Details

The CGM CLININET system provides smart card authentication; however, authentication is conducted locally on the client device, and, in reality, only the certificate number is used for access verification. As a result, possession of the certificate number alone is sufficient for authentication, regardless of the actual presence of the smart card or ownership of the private key.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-30042"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-603"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-02T12:16:01Z",
    "severity": "CRITICAL"
  },
  "details": "The CGM CLININET system provides smart card authentication; however, authentication is conducted locally on the client device, and, in reality, only the certificate number is used for access verification. As a result, possession of the certificate number alone is sufficient for authentication, regardless of the actual presence of the smart card or ownership of the private key.",
  "id": "GHSA-rfwf-h4fr-xr3g",
  "modified": "2026-03-09T18:31:36Z",
  "published": "2026-03-02T12:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30042"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/en/posts/2026/03/CVE-2025-10350"
    },
    {
      "type": "WEB",
      "url": "https://www.cgm.com/pol_pl/products/szpital/cgm-clininet.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-WJC9-9JQG-MCQ7

Vulnerability from github – Published: 2025-10-17 21:31 – Updated: 2025-10-18 03:30
VLAI
Details

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-62650"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-603"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-17T21:15:38Z",
    "severity": "HIGH"
  },
  "details": "The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen.",
  "id": "GHSA-wjc9-9jqg-mcq7",
  "modified": "2025-10-18T03:30:25Z",
  "published": "2025-10-17T21:31:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62650"
    },
    {
      "type": "WEB",
      "url": "https://archive.today/fMYQp"
    },
    {
      "type": "WEB",
      "url": "https://bobdahacker.com/blog/rbi-hacked-drive-thrus"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20250906134240/https:/bobdahacker.com/blog/rbi-hacked-drive-thrus"
    },
    {
      "type": "WEB",
      "url": "https://www.malwarebytes.com/blog/news/2025/09/popeyes-tim-hortons-burger-king-platforms-have-catastrophic-vulnerabilities-say-hackers"
    },
    {
      "type": "WEB",
      "url": "https://www.yahoo.com/news/articles/burger-king-hacked-attackers-impressed-124154038.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Do not rely on client side data. Always perform server side authentication.

No CAPEC attack patterns related to this CWE.