CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
5,331 vulnerabilities with CWE-284
CVE-2019-11895
MEDIUM
Bosch Smart Home Controller <9.8.905 - DoS
CVSS 5.3
CVE-2019-11894
MEDIUM
Bosch Smart Home Controller <9.8.905 - Info Disclosure
CVSS 5.7
CVE-2019-11892
HIGH
Bosch Smart Home Controller <9.8.905 - Info Disclosure
CVSS 8.0
CVE-2019-11634
CRITICAL
KEV
Citrix Workspace App <1904 - Privilege Escalation
CVSS 9.8
CVE-2019-1649
MEDIUM
Cisco ASA 5500 Firmware < 1.1.15 - Authenticated Arbitrary Firmware Write via FPGA Update Handler
CVSS 6.7
CVE-2019-3566
MEDIUM
WhatsApp for Android 2.19.52-2.19.103 & Business 2.19.22-2.19.38 - Unauthenticated Message Recovery
CVSS 5.9
CVE-2019-6566
HIGH
GE Communicator < 4.0.517 - Privilege Escalation via Uninstaller Replacement
CVSS 7.8
CVE-2019-6544
MEDIUM
GE Communicator < 4.0.517 - Unauthenticated Privilege Escalation via System Service
CVSS 5.6
CVE-2019-5014
MEDIUM
Winco Fireworks FireFly FW-1007 V2.0 - Info Disclosure
CVSS 6.5
CVE-2019-1695
MEDIUM
Cisco ASA <9.8.4, 9.9-9.9.2.50 & FTD 6.2.1-6.2.3.12 - Unauthenticated Kernel Data Injection
CVSS 6.5
CVE-2019-3936
HIGH
Crestron AM-100 and AM-101 - Denial of Service via Crafted TCP Port 389 Request
CVSS 7.5
CVE-2019-3935
CRITICAL
Crestron AM-100 and AM-101 - Unauthenticated Improper Access Control via conference.cgi
CVSS 9.1
CVE-2019-3934
MEDIUM
Crestron AM-100 and AM-101 - Unauthenticated Improper Access Control via login.cgi
CVSS 5.3
CVE-2019-3933
MEDIUM
Crestron AM-100 and AM-101 - Unauthenticated Access Control Bypass via /images/browserslide.jpg
CVSS 5.3
CVE-2019-3928
MEDIUM
Crestron AM-100 and AM-101 - Unauthenticated Presentation Passcode Exposure via SNMP OID
CVSS 5.3
CVE-2019-3927
CRITICAL
Crestron AM-100 and AM-101 - Unauthenticated Password Change via SNMP OID
CVSS 9.8
CVE-2019-10950
CRITICAL
Fujifilm CR-IR 357 FCR Carbon X/FCR XC-2/FCR Capsula X - Unauthenticated OS Access via Insecure Telnet Service
CVSS 9.8
CVE-2019-7476
HIGH
SonicWall Global Management System <9.1 - RCE
CVSS 8.1
CVE-2019-1805
MEDIUM
Cisco Wireless LAN Controller - Info Disclosure
CVSS 4.3
CVE-2019-1686
HIGH
Cisco IOS XR 5.1.1-6.5.1 - Unauthenticated Access Control Bypass via TCP Flags Inspection
CVSS 8.6
CVE-2019-3845
HIGH
Red Hat Satellite < 6.2 - Authenticated Privileged Command Execution via QPID Broker QMF Methods
CVSS 8.0
CVE-2019-0041
HIGH
Juniper Junos OS 18.2 < 18.2R1-S2, 18.2R2 on EX4300-MP - Improper Access Control via lo0 Filter Bypass
CVSS 8.6
CVE-2019-0036
CRITICAL
Junos OS - Improper Access Control via Stateless Firewall Filter Term Naming
CVSS 9.8
CVE-2019-8456
MEDIUM
Check Point IKEv2 IPsec VPN - Improper Access Control
CVSS 5.9
CVE-2019-6140
CRITICAL
Forcepoint Email Security 8.4.x and 8.5.x < 8.5.3 - Improper Access Control
CVSS 9.8
Details
Vulnerabilities
5,331