CWE · MITRE source
CWE-305Authentication Bypass by Primary Weakness
The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2025-31161 KEV | 9.1 | 9.8 | 0.8621 | 2025-04-03 |
CVE-2024-37085 KEV | 7.9 | 6.8 | 0.7513 | 2024-06-25 |
CVE-2023-34124 | 7.4 | 9.8 | 0.9132 | 2023-07-13 |
CVE-2023-0777 | 6.5 | 9.8 | 0.7615 | 2023-02-10 |
CVE-2021-26102 | 5.6 | 9.8 | 0.6081 | 2024-12-19 |
CVE-2020-10923 | 5.4 | 8.8 | 0.6024 | 2020-07-28 |
CVE-2024-50478 | 3.7 | 9.8 | 0.2864 | 2024-10-28 |
CVE-2022-2651 | 3.0 | 9.8 | 0.1694 | 2022-08-04 |
CVE-2024-1403 | 3.0 | 10.0 | 0.1624 | 2024-02-27 |
CVE-2024-20674 | 2.7 | 8.8 | 0.1605 | 2024-01-09 |
CVE-2025-32011 | 2.1 | 9.8 | 0.0239 | 2025-05-01 |
CVE-2019-14910 | 2.0 | 9.8 | 0.0042 | 2019-12-05 |
CVE-2020-15787 | 2.0 | 9.8 | 0.0042 | 2020-09-09 |
CVE-2020-24683 | 2.0 | 9.8 | 0.0045 | 2020-12-22 |
CVE-2022-0547 | 2.0 | 9.8 | 0.0046 | 2022-03-18 |
CVE-2023-1307 | 2.0 | 9.8 | 0.0020 | 2023-03-10 |
CVE-2023-1833 | 2.0 | 9.8 | 0.0036 | 2023-04-14 |
CVE-2023-34137 | 2.0 | 9.8 | 0.0008 | 2023-07-13 |
CVE-2023-4501 | 2.0 | 9.8 | 0.0017 | 2023-09-12 |
CVE-2023-7103 | 2.0 | 9.8 | 0.0002 | 2024-03-05 |
CVE-2024-1202 | 2.0 | 9.8 | 0.0007 | 2024-03-21 |
CVE-2023-6153 | 2.0 | 9.8 | 0.0008 | 2024-03-27 |
CVE-2024-36388 | 2.0 | 10.0 | 0.0020 | 2024-06-02 |
CVE-2023-41920 | 2.0 | 9.8 | 0.0014 | 2024-07-02 |
CVE-2025-24522 | 2.0 | 10.0 | 0.0030 | 2025-05-01 |