CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
5,319 vulnerabilities with CWE-284
CVE-2021-3864
HIGH
Linux Kernel - Improper Access Control via SUID Binary Core Dump Handling
CVSS 7.0
CVE-2021-4037
HIGH
Linux kernel - Privilege Escalation
CVSS 7.8
CVE-2021-46304
HIGH
CP-8000/8021/8022 - Info Disclosure
CVSS 7.5
CVE-2021-28511
MEDIUM
Arista EOS < 4.24.9 - Security ACL Bypass via NAT ACL Rule Conflict
CVSS 5.8
CVE-2021-38417
HIGH
VISAM VBASE <11.6.0.6 - Info Disclosure
CVSS 7.4
CVE-2021-41834
MEDIUM
JFrog Artifactory < 6.23.38 - Broken Access Control via Copy Artifact Functionality
CVSS 5.3
CVE-2021-45730
MEDIUM
JFrog Artifactory <7.31.10 - Privilege Escalation
CVSS 6.0
CVE-2021-35249
MEDIUM
SolarWinds Serv-U < 15.3.1 - Unauthorized Domain Data Access via Broken Access Control
CVSS 4.3
CVE-2021-27444
CRITICAL
Weintek cMT Firmware < 20210305 - Unauthenticated Improper Access Control
CVSS 9.8
CVE-2021-33013
HIGH
mySCADA myPRO <8.20.0 - Info Disclosure
CVSS 8.2
CVE-2021-43986
MEDIUM
Product Setup - Privilege Escalation
CVSS 6.0
CVE-2021-26627
HIGH
qcp200w_firmware - Unauthenticated Real-Time Image Information Exposure via RTSP Port
CVSS 7.5
CVE-2021-28505
HIGH
Arista EOS 4.26-4.26.4m - Improper Access Control in VXLAN Match Rule
CVSS 7.5
CVE-2021-40405
MEDIUM
Reolink RLC-410W <v3.0.0.136_20121102 - DoS
CVSS 6.5
CVE-2021-42029
HIGH
SIMATIC STEP 7 V15, V16 < Update 5, V17 < Update 2 - Privilege Escalation via Web Server Access
CVSS 7.8
CVE-2021-36776
HIGH
Rancher < 2.5.10 - Improper Access Control
CVSS 8.8
CVE-2021-36775
HIGH
Rancher < 2.4.18 - Improper Access Control
CVSS 8.8
CVE-2021-28504
HIGH
Arista EOS 4.26-4.26.4m - Improper Access Control via TCAM Profile VXLAN Protocol Rule
CVSS 7.5
CVE-2021-42855
HIGH
SteelCentral AppInternals Agent 11.0.0-11.8.7 Local Privilege Escalation via Debug Config
CVSS 7.8
CVE-2021-41543
MEDIUM
Climatix POL909 Firmware < 11.36 (AWM) and < 11.44 (AWB) - Authenticated Information Disclosure via Log File Handling
CVSS 6.5
CVE-2021-46270
LOW
JFrog Artifactory <7.31.10 - Info Disclosure
CVSS 2.7
CVE-2021-45074
MEDIUM
JFrog Artifactory 6.0.0-6.23.38 - Broken Access Control on OAuth Token Deletion
CVSS 4.3
CVE-2021-24688
MEDIUM
Orange Form WordPress <1.0.1 - CSRF
CVSS 4.3
CVE-2021-3967
HIGH
zulip < 4.10 - Improper Access Control
CVSS 8.8
CVE-2021-4201
CRITICAL
ForgeRock AM <7.1.1-6.5.4 - Info Disclosure
CVSS 9.6