CWE-603
AllowedUse of Client-Side Authentication
Abstraction: Base · Status: Draft
A client/server product performs authentication within client code but not in server code, allowing server-side authentication to be bypassed via a modified client that omits the authentication check.
41 vulnerabilities reference this CWE, most recent first.
GHSA-HRXV-HVCR-JJ9X
Vulnerability from github – Published: 2025-03-31 06:30 – Updated: 2025-03-31 06:30Use of client-side authentication issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, a remote attacker may obtain the product login password without authentication.
{
"affected": [],
"aliases": [
"CVE-2025-24517"
],
"database_specific": {
"cwe_ids": [
"CWE-603"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-31T05:15:15Z",
"severity": "HIGH"
},
"details": "Use of client-side authentication issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, a remote attacker may obtain the product login password without authentication.",
"id": "GHSA-hrxv-hvcr-jj9x",
"modified": "2025-03-31T06:30:26Z",
"published": "2025-03-31T06:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24517"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/vu/JVNVU91154745"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-084-04"
},
{
"type": "WEB",
"url": "https://www.inaba.co.jp/files/chocomini_vulnerability.pdf"
},
{
"type": "WEB",
"url": "https://www.nozominetworks.com/blog/unpatched-vulnerabilities-in-production-line-cameras-may-allow-remote-surveillance-hinder-stoppage-recording"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-J7P7-W7PR-MWPC
Vulnerability from github – Published: 2026-05-19 15:31 – Updated: 2026-05-19 15:31Sparx Enterprise Architect software has a security feature that limits user's actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior (e.g. using a debugger) and log in as any other user or administrator - then it is possible to do every possible change to the repository.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 17.1 and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
{
"affected": [],
"aliases": [
"CVE-2026-42098"
],
"database_specific": {
"cwe_ids": [
"CWE-603"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-19T14:16:42Z",
"severity": "HIGH"
},
"details": "Sparx Enterprise Architect software has a security feature that limits user\u0027s actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior (e.g. using a debugger) and log in as any other user or administrator - then it is possible to do every possible change to the repository.\n\nThe vendor was notified early about this vulnerability, but didn\u0027t respond with the details of vulnerability or vulnerable version range. Only version 17.1 and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.",
"id": "GHSA-j7p7-w7pr-mwpc",
"modified": "2026-05-19T15:31:29Z",
"published": "2026-05-19T15:31:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42098"
},
{
"type": "WEB",
"url": "https://cert.pl/en/posts/2026/05/CVE-2026-42096"
},
{
"type": "WEB",
"url": "https://efigo.pl/blog/CVE-2026-42096"
},
{
"type": "WEB",
"url": "https://sparxsystems.com/products/ea"
},
{
"type": "WEB",
"url": "https://sploit.tech/2026/05/19/Sparx-Enterprise-Architect-PCS.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-M839-8XGR-VQHM
Vulnerability from github – Published: 2025-12-02 21:31 – Updated: 2025-12-02 21:31NMIS/BioDose V22.02 and previous versions rely on a common SQL Server user account to access data in the database. User access in the client application is restricted by a password authentication check in the client software but the underlying database connection always has access. The latest version of NMIS/BioDose introduces an option to use Windows user authentication with the database, which would restrict this database connection.
{
"affected": [],
"aliases": [
"CVE-2025-61940"
],
"database_specific": {
"cwe_ids": [
"CWE-603"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-02T21:15:51Z",
"severity": "HIGH"
},
"details": "NMIS/BioDose V22.02 and previous versions rely on a common SQL Server user account to access data in the database. User access in the client application is restricted by a password authentication check in the client software but the underlying database connection always has access. The latest version of NMIS/BioDose introduces an option to use Windows user authentication with the database, which would restrict this database connection.",
"id": "GHSA-m839-8xgr-vqhm",
"modified": "2025-12-02T21:31:30Z",
"published": "2025-12-02T21:31:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61940"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-336-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-MP39-4PH2-875C
Vulnerability from github – Published: 2024-04-23 15:30 – Updated: 2024-07-03 18:36An issue in Flipsnack v.18/03/2024 allows a local attacker to obtain sensitive information via the reader.gz.js file.
{
"affected": [],
"aliases": [
"CVE-2024-28627"
],
"database_specific": {
"cwe_ids": [
"CWE-603"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-23T14:15:08Z",
"severity": "HIGH"
},
"details": "An issue in Flipsnack v.18/03/2024 allows a local attacker to obtain sensitive information via the reader.gz.js file.",
"id": "GHSA-mp39-4ph2-875c",
"modified": "2024-07-03T18:36:39Z",
"published": "2024-04-23T15:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28627"
},
{
"type": "WEB",
"url": "https://labs.integrity.pt/advisories/cve-2024-28627"
},
{
"type": "WEB",
"url": "https://www.flipsnack.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MQMF-37JQ-C9P6
Vulnerability from github – Published: 2026-01-23 09:30 – Updated: 2026-01-23 09:30IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end.
{
"affected": [],
"aliases": [
"CVE-2026-1363"
],
"database_specific": {
"cwe_ids": [
"CWE-603"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-23T09:15:47Z",
"severity": "CRITICAL"
},
"details": "IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end.",
"id": "GHSA-mqmf-37jq-c9p6",
"modified": "2026-01-23T09:30:29Z",
"published": "2026-01-23T09:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1363"
},
{
"type": "WEB",
"url": "https://www.twcert.org.tw/en/cp-139-10653-117a1-2.html"
},
{
"type": "WEB",
"url": "https://www.twcert.org.tw/tw/cp-132-10652-4cdca-1.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-MXFH-PJ5J-6V79
Vulnerability from github – Published: 2024-06-27 18:31 – Updated: 2024-09-17 18:33TELSAT marKoni FM Transmitters are vulnerable to an attacker bypassing authentication and gaining administrator privileges.
{
"affected": [],
"aliases": [
"CVE-2024-39375"
],
"database_specific": {
"cwe_ids": [
"CWE-603"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-27T16:15:11Z",
"severity": "CRITICAL"
},
"details": "TELSAT marKoni FM Transmitters are vulnerable to an attacker bypassing authentication and gaining administrator privileges.",
"id": "GHSA-mxfh-pj5j-6v79",
"modified": "2024-09-17T18:33:24Z",
"published": "2024-06-27T18:31:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39375"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-P6XJ-9VGW-4XP9
Vulnerability from github – Published: 2022-11-23 18:30 – Updated: 2022-11-28 18:30This vulnerability occurs when a web server fails to correctly process the Content-Length of POST requests. This can lead to HTTP request smuggling or XSS.
{
"affected": [],
"aliases": [
"CVE-2022-38114"
],
"database_specific": {
"cwe_ids": [
"CWE-444",
"CWE-603"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-23T17:15:00Z",
"severity": "MODERATE"
},
"details": "This vulnerability occurs when a web server fails to correctly process the Content-Length of POST requests. This can lead to HTTP request smuggling or XSS.",
"id": "GHSA-p6xj-9vgw-4xp9",
"modified": "2022-11-28T18:30:15Z",
"published": "2022-11-23T18:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38114"
},
{
"type": "WEB",
"url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2022-4_release_notes.htm"
},
{
"type": "WEB",
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-38114"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PCRM-W585-FVG9
Vulnerability from github – Published: 2024-10-25 09:32 – Updated: 2024-10-25 09:32MUSASI version 3 contains an issue with use of client-side authentication. If this vulnerability is exploited, other users' credential and sensitive information may be retrieved.
{
"affected": [],
"aliases": [
"CVE-2024-45785"
],
"database_specific": {
"cwe_ids": [
"CWE-603"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-25T08:15:02Z",
"severity": "HIGH"
},
"details": "MUSASI version 3 contains an issue with use of client-side authentication. If this vulnerability is exploited, other users\u0027 credential and sensitive information may be retrieved.",
"id": "GHSA-pcrm-w585-fvg9",
"modified": "2024-10-25T09:32:01Z",
"published": "2024-10-25T09:32:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45785"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/jp/JVN31982676"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RFWF-H4FR-XR3G
Vulnerability from github – Published: 2026-03-02 12:30 – Updated: 2026-03-09 18:31The CGM CLININET system provides smart card authentication; however, authentication is conducted locally on the client device, and, in reality, only the certificate number is used for access verification. As a result, possession of the certificate number alone is sufficient for authentication, regardless of the actual presence of the smart card or ownership of the private key.
{
"affected": [],
"aliases": [
"CVE-2025-30042"
],
"database_specific": {
"cwe_ids": [
"CWE-603"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-02T12:16:01Z",
"severity": "CRITICAL"
},
"details": "The CGM CLININET system provides smart card authentication; however, authentication is conducted locally on the client device, and, in reality, only the certificate number is used for access verification. As a result, possession of the certificate number alone is sufficient for authentication, regardless of the actual presence of the smart card or ownership of the private key.",
"id": "GHSA-rfwf-h4fr-xr3g",
"modified": "2026-03-09T18:31:36Z",
"published": "2026-03-02T12:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30042"
},
{
"type": "WEB",
"url": "https://cert.pl/en/posts/2026/03/CVE-2025-10350"
},
{
"type": "WEB",
"url": "https://www.cgm.com/pol_pl/products/szpital/cgm-clininet.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-WJC9-9JQG-MCQ7
Vulnerability from github – Published: 2025-10-17 21:31 – Updated: 2025-10-18 03:30The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen.
{
"affected": [],
"aliases": [
"CVE-2025-62650"
],
"database_specific": {
"cwe_ids": [
"CWE-603"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-17T21:15:38Z",
"severity": "HIGH"
},
"details": "The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen.",
"id": "GHSA-wjc9-9jqg-mcq7",
"modified": "2025-10-18T03:30:25Z",
"published": "2025-10-17T21:31:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62650"
},
{
"type": "WEB",
"url": "https://archive.today/fMYQp"
},
{
"type": "WEB",
"url": "https://bobdahacker.com/blog/rbi-hacked-drive-thrus"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20250906134240/https:/bobdahacker.com/blog/rbi-hacked-drive-thrus"
},
{
"type": "WEB",
"url": "https://www.malwarebytes.com/blog/news/2025/09/popeyes-tim-hortons-burger-king-platforms-have-catastrophic-vulnerabilities-say-hackers"
},
{
"type": "WEB",
"url": "https://www.yahoo.com/news/articles/burger-king-hacked-attackers-impressed-124154038.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
Mitigation
Do not rely on client side data. Always perform server side authentication.
No CAPEC attack patterns related to this CWE.