CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
5,331 vulnerabilities with CWE-284
CVE-2018-12546
MEDIUM
Eclipse Mosquitto <1.5.5 - Info Disclosure
CVSS 6.5
CVE-2018-16838
MEDIUM
sssd - Improper Access Control via Group Policy Objects Permission Handling
CVSS 5.4
CVE-2018-10612
CRITICAL
CODESYS Control V3 <3.5.14.0 - Info Disclosure
CVSS 9.8
CVE-2018-15459
MEDIUM
Cisco Identity Services Engine - Authenticated Privilege Escalation via Administrative Web Interface
CVSS 6.5
CVE-2018-19634
HIGH
CA Service Desk Manager <17 - Info Disclosure
CVSS 7.5
CVE-2018-15466
MEDIUM
Cisco Policy Suite for Mobile - Unauthenticated Improper Access Control in Graphite Web Interface
CVSS 5.3
CVE-2018-0484
MEDIUM
Cisco IOS and IOS XE - Improper Access Control in SSH Server VRF Handling
CVSS 5.3
CVE-2018-13816
CRITICAL
TIM 1531 IRC Firmware < 2.0 - Unauthenticated Improper Access Control on Port 102/tcp
CVSS 10.0
CVE-2018-7364
CRITICAL
ZTE ZXIN10 < resv1.01.44 - Unauthenticated Remote Code Execution via devcomm Process
CVSS 9.8
CVE-2018-16476
HIGH
Rails < 4.2.11 - Improper Access Control
CVSS 7.5
CVE-2018-17953
HIGH
Linux-PAM 1.3.0 - Improper Access Control via Incorrect Variable in pam_access Rule Matching
CVSS 7.5
CVE-2018-7362
HIGH
ZTE ZXHN F670 Firmware < 1.1.10p3t18 - Unauthenticated Improper Access Control
CVSS 7.5
CVE-2018-15394
CRITICAL
Cisco Stealthwatch Enterprise - Auth Bypass
CVSS 9.8
CVE-2018-17931
MEDIUM
VGo Robot Firmware < 3.0.3.52164 - Unauthenticated Code Execution via Script Alteration
CVSS 6.8
CVE-2018-16466
HIGH
Nextcloud Server <14.0.0-12.0.11 - Privilege Escalation
CVSS 8.1
CVE-2018-17908
HIGH
WebAccess <8.3.2 - Privilege Escalation
CVSS 7.8
CVE-2018-17921
HIGH
SAGA1-L8B Firmware < a0.10 - Unauthenticated Improper Access Control
CVSS 8.8
CVE-2018-15395
MEDIUM
Cisco Wireless LAN Controller - Privilege Escalation
CVSS 5.4
CVE-2018-15398
MEDIUM
Cisco ASA & FTD Software - Unauthenticated Access Control Bypass via Per-User-Override
CVSS 4.0
CVE-2018-15372
HIGH
Cisco IOS XE - Unauthenticated Authentication Bypass via MACsec MKA EAP-TLS
CVSS 8.1
CVE-2018-15371
MEDIUM
Cisco IOS XE - Authenticated Improper Access Control via Shell Access Request Mechanism
CVSS 6.7
CVE-2018-0447
MEDIUM
Cisco Email Security Appliance - Unauthenticated URL Filter Bypass via SPF Message Validation
CVSS 5.3
CVE-2018-0436
HIGH
Cisco Webex Teams < 10.6.0 - Authenticated Improper Access Control
CVSS 8.7
CVE-2018-14804
CRITICAL
Emerson AMS Device Manager <14 - RCE
CVSS 9.8
CVE-2018-15611
MEDIUM
Avaya Aura Communication Manager 6.3.0.1-6.3.16.9 & <7.1.3.1 - Privilege Escalation to Root
CVSS 6.3
Details
Vulnerabilities
5,331