CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,326 vulnerabilities with CWE-284
CVE-2020-10278 MEDIUM
MiR and Enabled Robotics Firmware < 2.8.1.1 - Unauthenticated BIOS Access Control Bypass
CVSS 4.6
CVE-2020-4062 HIGH
Conjur OSS Helm Chart < 2.0.0 - Unauthenticated Improper Access Control via Open Postgres Port
CVSS 8.7
CVE-2020-3364 MEDIUM
Cisco IOS XR - Unauthenticated Access Control Bypass via Standby Route Processor Management Interface
CVSS 5.3
CVE-2020-3245 MEDIUM
Cisco Smart Software Manager On-Prem - Auth Bypass
CVSS 5.3
CVE-2020-3231 MEDIUM
Cisco IOS - Unauthenticated Broadcast Traffic Forwarding via 802.1X Port Mishandling
CVSS 4.7
CVE-2020-12493 CRITICAL
SWARCO CPU LS4000 - Privilege Escalation
CVSS 10.0
CVE-2020-6774 CRITICAL
Bosch Recording Station Firmware - Unauthenticated Improper Access Control in Kiosk Mode
CVSS 9.3
CVE-2020-9046 HIGH
Kantech EntraPass < 8.22 - Privilege Escalation via File Replacement
CVSS 8.8
CVE-2020-2025 HIGH
Kata Containers runtime < 1.11.0 - Unauthenticated Guest-to-Host Filesystem Overwrite via Image Persistence
CVSS 8.8
CVE-2020-11931 LOW
pulseaudio < 1.8.0 - Improper Access Control via Snap Policy Module Unload
CVSS 3.3
CVE-2020-10612 CRITICAL
Opto 22 SoftPAC <9.6 - Privilege Escalation
CVSS 9.1
CVE-2020-8153 HIGH
Groupfolders app 4.0.3 - Info Disclosure
CVSS 8.1
CVE-2020-3329 MEDIUM
Cisco IMC/UCS Director - Privilege Escalation
CVSS 4.3
CVE-2020-3312 HIGH
Cisco Firepower Threat Defense - Info Disclosure
CVSS 7.5
CVE-2020-3253 MEDIUM
Cisco Firepower Threat Defense - Privilege Escalation
CVSS 6.7
CVE-2020-3186 MEDIUM
Cisco Firepower Threat Defense - Auth Bypass
CVSS 5.3
CVE-2020-1732 MEDIUM
Soteria <1.0.1 - Privilege Escalation
CVSS 4.2
CVE-2020-8157 MEDIUM
UniFi Cloud Key <v1.1.10 - Privilege Escalation
CVSS 6.8
CVE-2020-11028 MEDIUM
WordPress < 5.4.1 - Unauthenticated Private Post Disclosure
CVSS 5.8
CVE-2020-10641 HIGH
Ignition Gateway 8.0-8.0.9 - Unauthenticated Denial of Service via Unprotected Logging Route
CVSS 7.5
CVE-2020-5293 MEDIUM
PrestaShop 1.7.0.0-1.7.6.5 - Improper Access Control on Product Page
CVSS 6.5
CVE-2020-5288 MEDIUM
PrestaShop 1.7.0.0-1.7.6.5 - Improper Access Control on Product Attributes Page
CVSS 4.1
CVE-2020-5287 MEDIUM
PrestaShop 1.5.5.0-1.7.6.5 - Improper Access Control in Customer Search
CVSS 4.1
CVE-2020-5279 MEDIUM
PrestaShop 1.5.0.0-1.7.6.5 - Improper Access Control in Legacy Controllers
CVSS 4.1
CVE-2020-7278 HIGH
McAfee Endpoint Security for Windows - Improper Access Control in Firewall Rule Handling
CVSS 7.4
Details
Vulnerabilities 5,326