CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,319 vulnerabilities with CWE-284
CVE-2021-3864 HIGH
Linux Kernel - Improper Access Control via SUID Binary Core Dump Handling
CVSS 7.0
CVE-2021-4037 HIGH
Linux kernel - Privilege Escalation
CVSS 7.8
CVE-2021-46304 HIGH
CP-8000/8021/8022 - Info Disclosure
CVSS 7.5
CVE-2021-28511 MEDIUM
Arista EOS < 4.24.9 - Security ACL Bypass via NAT ACL Rule Conflict
CVSS 5.8
CVE-2021-38417 HIGH
VISAM VBASE <11.6.0.6 - Info Disclosure
CVSS 7.4
CVE-2021-41834 MEDIUM
JFrog Artifactory < 6.23.38 - Broken Access Control via Copy Artifact Functionality
CVSS 5.3
CVE-2021-45730 MEDIUM
JFrog Artifactory <7.31.10 - Privilege Escalation
CVSS 6.0
CVE-2021-35249 MEDIUM
SolarWinds Serv-U < 15.3.1 - Unauthorized Domain Data Access via Broken Access Control
CVSS 4.3
CVE-2021-27444 CRITICAL
Weintek cMT Firmware < 20210305 - Unauthenticated Improper Access Control
CVSS 9.8
CVE-2021-33013 HIGH
mySCADA myPRO <8.20.0 - Info Disclosure
CVSS 8.2
CVE-2021-43986 MEDIUM
Product Setup - Privilege Escalation
CVSS 6.0
CVE-2021-26627 HIGH
qcp200w_firmware - Unauthenticated Real-Time Image Information Exposure via RTSP Port
CVSS 7.5
CVE-2021-28505 HIGH
Arista EOS 4.26-4.26.4m - Improper Access Control in VXLAN Match Rule
CVSS 7.5
CVE-2021-40405 MEDIUM
Reolink RLC-410W <v3.0.0.136_20121102 - DoS
CVSS 6.5
CVE-2021-42029 HIGH
SIMATIC STEP 7 V15, V16 < Update 5, V17 < Update 2 - Privilege Escalation via Web Server Access
CVSS 7.8
CVE-2021-36776 HIGH
Rancher < 2.5.10 - Improper Access Control
CVSS 8.8
CVE-2021-36775 HIGH
Rancher < 2.4.18 - Improper Access Control
CVSS 8.8
CVE-2021-28504 HIGH
Arista EOS 4.26-4.26.4m - Improper Access Control via TCAM Profile VXLAN Protocol Rule
CVSS 7.5
CVE-2021-42855 HIGH
SteelCentral AppInternals Agent 11.0.0-11.8.7 Local Privilege Escalation via Debug Config
CVSS 7.8
CVE-2021-41543 MEDIUM
Climatix POL909 Firmware < 11.36 (AWM) and < 11.44 (AWB) - Authenticated Information Disclosure via Log File Handling
CVSS 6.5
CVE-2021-46270 LOW
JFrog Artifactory <7.31.10 - Info Disclosure
CVSS 2.7
CVE-2021-45074 MEDIUM
JFrog Artifactory 6.0.0-6.23.38 - Broken Access Control on OAuth Token Deletion
CVSS 4.3
CVE-2021-24688 MEDIUM
Orange Form WordPress <1.0.1 - CSRF
CVSS 4.3
CVE-2021-3967 HIGH
Zulip < 4.10 - Improper Access Control
CVSS 8.8
CVE-2021-4201 CRITICAL
ForgeRock AM <7.1.1-6.5.4 - Info Disclosure
CVSS 9.6