CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,311 vulnerabilities with CWE-284
CVE-2022-1631 HIGH
microweber < 1.2.15 - Unauthenticated Account Takeover via Email Registration
CVSS 8.8
CVE-2022-20780 CRITICAL
Cisco Enterprise NFV Infrastructure Software < 4.7.1 - Unauthenticated Command Injection and Data Leak
CVSS 9.9
CVE-2022-20779 CRITICAL
Cisco Enterprise NFV Infrastructure Software < 4.7.1 - Improper Access Control
CVSS 9.9
CVE-2022-20777 CRITICAL
Cisco Enterprise NFV Infrastructure Software < 4.7.1 - Improper Access Control
CVSS 9.9
CVE-2022-28780 MEDIUM
Weather <SMR May-2022 Release 1 - Info Disclosure
CVSS 5.0
CVE-2022-29417 MEDIUM
ShortPixel Adaptive Images <=3.3.1 - Privilege Escalation
CVSS 4.3
CVE-2022-0541 CRITICAL
WordPress Plugin <2.4.1 - Code Injection
CVSS 9.8
CVE-2022-20732 HIGH
Cisco Virtualized Infrastructure Manager < 4.2.2 - Authenticated Privilege Escalation via Configuration File Access
CVSS 7.8
CVE-2022-21476 HIGH
Oracle GraalVM & Java SE Unauthenticated Data Access via Libraries
CVSS 7.5
CVE-2022-24841 MEDIUM
fleetdm/fleet < 4.13 - Authorization Bypass via Team Admin Privilege Escalation
CVSS 6.5
CVE-2022-20716 HIGH
Cisco SD-WAN Software - Privilege Escalation
CVSS 7.8
CVE-2022-22190 HIGH
Juniper Paragon Active Assurance Control Center 3.1.0 - Unauthenticated Sensitive Data Exposure
CVSS 7.4
CVE-2022-22183 HIGH
Juniper Networks Junos OS Evolved - DoS
CVSS 7.5
CVE-2022-25755 HIGH
Siemens SCALANCE X Series - Improper Access Control via Missing Security Headers
CVSS 7.5
CVE-2022-25650 MEDIUM
Mendix 7.0.0-7.23.26, 8.0.0-8.18.13, 9.0.0-9.11.9, 9.6.0-9.6.2 - Authenticated Information Disclosure
CVSS 6.5
CVE-2022-28778 MEDIUM
Samsung Security Supporter <1.2.40.0 - Info Disclosure
CVSS 4.4
CVE-2022-28777 MEDIUM
Samsung Members <13.6.08.5 - Privilege Escalation
CVSS 4.3
CVE-2022-28775 MEDIUM
Samsung Flow <4.8.06.5 - Privilege Escalation
CVSS 5.1
CVE-2022-28542 MEDIUM
Galaxy Store <4.5.40.5 - Privilege Escalation
CVSS 6.8
CVE-2022-27838 HIGH
Samsung FactoryCamera < 2.1.96 - Improper Access Control
CVSS 7.7
CVE-2022-27836 HIGH
Android Storage Manager < SMR Apr-2022 Release 1 - Improper Access Control and Path Traversal
CVSS 8.4
CVE-2022-27822 MEDIUM
Android - Information Exposure via RIL Property Setting
CVSS 6.6
CVE-2022-26091 MEDIUM
Knox Manage <SMR Apr-2022 Release 1 - Privilege Escalation
CVSS 5.7
CVE-2022-25831 LOW
Android S Secure - Improper Access Control
CVSS 2.0
CVE-2022-20762 HIGH
Cisco Ultra Cloud Core - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 5,311