CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,309 vulnerabilities with CWE-284
CVE-2022-42717 HIGH
Vagrant < 2.3.1 - Local Privilege Escalation via Sudoers Configuration
CVSS 7.8
CVE-2022-34431 MEDIUM
Dell Hybrid Client >=1.5 <1.8 - Denial of Service via Guest User Profile Corruption
CVSS 6.5
CVE-2022-38388 MEDIUM
IBM Navigator Mobile <3.4.1.2 - Info Disclosure
CVSS 5.5
CVE-2022-39878 MEDIUM
Samsung Checkout < 5.0.55.3 - Improper Access Control via Implicit Intent Broadcast
CVSS 4.0
CVE-2022-39877 MEDIUM
Samsung Group Sharing < 13.0.6.15 - Improper Access Control in ProfileSharingAccount
CVSS 4.0
CVE-2022-39875 MEDIUM
Samsung Account < 13.5.01.3 - Unauthorized Logout via Improper Component Protection
CVSS 5.1
CVE-2022-39871 MEDIUM
Samsung SmartThings < 1.7.89.0 - Improper Access Control in cloudNotificationManager.java
CVSS 4.0
CVE-2022-39870 MEDIUM
Samsung SmartThings < 1.7.89.0 - Improper Access Control via PUSH_MESSAGE_RECEIVED Broadcast
CVSS 4.0
CVE-2022-39869 MEDIUM
Samsung SmartThings < 1.7.89.0 - Improper Access Control via REMOVE_PERSISTENT_BANNER Broadcast
CVSS 4.0
CVE-2022-39868 MEDIUM
Samsung SmartThings < 1.7.89.0 - Improper Access Control via Implicit Broadcast
CVSS 4.0
CVE-2022-39867 MEDIUM
Samsung SmartThings < 1.7.89.0 - Improper Access Control via SHOW_PERSISTENT_BANNER Broadcast
CVSS 4.0
CVE-2022-39866 MEDIUM
Samsung SmartThings < 1.7.89.0 - Improper Access Control via Implicit Broadcast
CVSS 4.0
CVE-2022-39865 MEDIUM
Samsung SmartThings < 1.7.89.0 - Improper Access Control via Implicit Broadcast
CVSS 4.0
CVE-2022-39864 LOW
Samsung SmartThings < 1.7.85.25 - Improper Access Control via WifiSetupLaunchHelper Implicit Intent
CVSS 3.3
CVE-2022-39860 MEDIUM
Samsung QuickShare < 13.2.3.5 - Improper Access Control via Implicit Broadcast
CVSS 4.4
CVE-2022-39857 HIGH
Samsung FactoryCameraFB < 3.5.51 - Improper Access Control in CameraTestActivity
CVSS 7.3
CVE-2022-39855 MEDIUM
Android FACM - Improper Access Control
CVSS 5.1
CVE-2022-39854 MEDIUM
Android - Unauthorized Secure Memory Access via IOMMU Improper Protection
CVSS 6.4
CVE-2022-39851 MEDIUM
Android CocktailBarService - Improper Access Control
CVSS 4.0
CVE-2022-39850 LOW
Android - Unauthorized Configuration Data Read via mum_container_policy Service
CVSS 3.3
CVE-2022-39849 LOW
Android - Unauthorized Configuration Data Read via Knox VPN Policy Service
CVSS 3.3
CVE-2022-20728 MEDIUM
Cisco Aironet and Catalyst Access Points - Unauthenticated VLAN Bypass via Native VLAN Packet Injection
CVSS 4.7
CVE-2022-1959 MEDIUM
AppLock <7.9.29 - Privilege Escalation
CVSS 6.6
CVE-2022-36771 MEDIUM
IBM QRadar User Behavior Analytics < 4.1.9 - Authenticated Sensitive Information Disclosure
CVSS 6.5
CVE-2022-39835 MEDIUM
Gajim < 1.5.0 - Unauthenticated Message Spoofing via Crafted XML Stanzas
CVSS 5.3
Details
Vulnerabilities 5,309
Links
MITRE CWE Entry Search this CWE With Exploits