- What is CWE-287?
- When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
- What CVEs are caused by CWE-287?
- 1,738 recorded CVEs are attributed to CWE-287, including CVE-2026-20182, CVE-2026-20127, CVE-2025-32975. 32 are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- Is CWE-287 part of the OWASP Top 10?
- CWE-287 maps to OWASP Top Ten 2007: Broken Authentication and Session Management (A7) in the OWASP security taxonomy.
- How do you prevent CWE-287?
- Use an authentication framework or library such as the OWASP ESAPI Authentication feature.
- How is CWE-287 detected?
- Automated Static Analysis: Automated static analysis is useful for detecting certain types of authentication. A tool may be able to analyze related configuration files, such as .htaccess in Apache web servers, or detect the usage of commonly-used authentication libraries.
- What are the consequences of CWE-287?
- Exploiting CWE-287 can lead to: Read Application Data, Gain Privileges or Assume Identity, Execute Unauthorized Code or Commands.
- Is CWE-287 actively exploited?
- Yes. 32 CWE-287 vulnerabilities are in CISA's KEV catalog of actively exploited flaws, out of 1,738 recorded CVEs.