CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
5,326 vulnerabilities with CWE-284
CVE-2020-3418
MEDIUM
Cisco IOS XE Wireless Controller - Info Disclosure
CVSS 4.7
CVE-2020-3396
MEDIUM
Cisco IOS XE - Privilege Escalation
CVSS 6.8
CVE-2020-15181
CRITICAL
Alfresco Reset Password <1.2.0 - Privilege Escalation
CVSS 9.3
CVE-2020-8028
CRITICAL
SUSE Manager <4.1 - Privilege Escalation
CVSS 9.3
CVE-2020-7531
HIGH
SCADAPack 7x Remote Connect < 3.6.3.574 - Unauthenticated Arbitrary Code Execution via Executable Placement
CVSS 7.8
CVE-2020-3522
MEDIUM
Cisco Data Center Network Manager < 11.4(1) - Authenticated Authorization Bypass via Crafted URL
CVSS 6.3
CVE-2020-16241
MEDIUM
Philips SureSigns VS4 Firmware < a.07.107 - Improper Access Control
CVSS 6.3
CVE-2020-3448
MEDIUM
Cisco Cyber Vision Center Software - Auth Bypass
CVSS 5.8
CVE-2020-3413
MEDIUM
Cisco Webex Meetings - Privilege Escalation
CVSS 4.3
CVE-2020-3412
MEDIUM
Cisco Webex Meetings - Privilege Escalation
CVSS 4.3
CVE-2020-5396
HIGH
VMware GemFire 9.7.0-9.7.5 and Tanzu GemFire for VMs 1.10.0-1.10.1 - Remote Code Execution via JMX MLet MBean
CVSS 8.8
CVE-2020-10731
CRITICAL
Red Hat OpenStack Platform 16 - Privilege Escalation
CVSS 9.9
CVE-2020-10930
MEDIUM
NETGEAR R6700 V1.0.4.84_10.0.58 - Info Disclosure
CVSS 6.5
CVE-2020-8207
HIGH
Citrix Workspace app <2006.1 - Privilege Escalation
CVSS 8.8
CVE-2020-15102
MEDIUM
PrestaShop Dashboard Productions <2.1.0 - Privilege Escalation
CVSS 6.5
CVE-2020-3144
CRITICAL
Cisco RV110W RV130 RV130W RV215W Firmware - Unauthenticated Remote Code Execution via Session Management Bypass
CVSS 9.8
CVE-2020-10288
CRITICAL
ABB RobotWare - Unauthenticated FTP Server Access via Empty Credential Bypass
CVSS 9.8
CVE-2020-14499
HIGH
Advantech iView < 5.6 - Unauthenticated User Credential Exposure via Improper Access Control
CVSS 7.5
CVE-2020-7578
HIGH
Opcenter Execution Core < 8.2 - Authenticated Improper Access Control
CVSS 8.1
CVE-2020-8196
MEDIUM
KEV
Citrix ADC/Gateway <13.0-58.30 - Info Disclosure
CVSS 4.3
CVE-2020-8193
MEDIUM
KEV
Citrix ADC/Gateway <13.0-58.30 - Info Disclosure
CVSS 6.5
CVE-2020-8179
MEDIUM
Nextcloud Deck 1.0.0 - Code Injection
CVSS 4.1
CVE-2020-15079
MEDIUM
PrestaShop <1.7.6.6 - Privilege Escalation
CVSS 6.4
CVE-2020-2500
CRITICAL
QNAP Helpdesk < 3.0.1 - Improper Access Control via API Key Exposure
CVSS 9.8
CVE-2020-12024
MEDIUM
Baxter ExactaMix EM 2400 and EM1200 Firmware - Unauthenticated Physical Access Control Bypass via USB Interface
CVSS 6.1
Details
Vulnerabilities
5,326