CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,401 vulnerabilities with CWE-862
CVE-2023-4938 MEDIUM
BEAR Professional for WooCommerce <= 1.1.3.3 - Authenticated Missing Authorization
CVSS 4.3
CVE-2023-44689 MEDIUM
e-Gov Client Application < 2.1.1.0 (Windows) and < 1.1.1.0 (macOS) - Missing Authorization via Custom URL Scheme Handler
CVSS 4.3
CVE-2023-42473 MEDIUM
SAP S/4HANA 106 - Authenticated Privilege Escalation via Missing Authorization
CVSS 5.4
CVE-2023-45247 HIGH
Acronis Agent < c23.10 - Unauthenticated Sensitive Information Disclosure and Manipulation
CVSS 7.1
CVE-2023-43700 HIGH
SICK APU0200 Firmware < 4.0.0.6 - Unauthenticated Data Modification via RDT400 HTTP Requests
CVSS 7.7
CVE-2023-5331 MEDIUM
Mattermost < 7.8.11 - Missing Authorization in Draft Post File Attachment
CVSS 4.3
CVE-2023-45370 MEDIUM
MediaWiki SportsTeams Extension <1.35.12, 1.36.x-1.39.x <1.39.5, 1.40.x <1.40.1 - Missing Authorization
CVSS 5.3
CVE-2023-40654 MEDIUM
FW-PackageManager - Privilege Escalation
CVSS 6.7
CVE-2023-40653 MEDIUM
FW-PackageManager - Privilege Escalation
CVSS 6.7
CVE-2023-40650 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Telecom Service
CVSS 5.5
CVE-2023-40649 MEDIUM
Android - Missing Authorization in Messaging
CVSS 5.5
CVE-2023-40648 MEDIUM
Google Android Messaging - Information Disclosure
CVSS 5.5
CVE-2023-40647 MEDIUM
Google Android Messaging - Information Disclosure
CVSS 5.5
CVE-2023-40646 MEDIUM
Android - Missing Authorization in Messaging
CVSS 5.5
CVE-2023-40645 MEDIUM
Google Android Messaging - Information Disclosure
CVSS 5.5
CVE-2023-40644 MEDIUM
Android - Missing Authorization in Messaging
CVSS 5.5
CVE-2023-40643 MEDIUM
Android - Missing Authorization in Messaging
CVSS 5.5
CVE-2023-40642 MEDIUM
Google Android Messaging - Information Disclosure
CVSS 5.5
CVE-2023-40641 MEDIUM
Google Android Messaging - Information Disclosure
CVSS 5.5
CVE-2023-40640 MEDIUM
Android - Missing Authorization in SoundRecorder Service
CVSS 5.5
CVE-2023-40639 MEDIUM
Android - Missing Authorization in SoundRecorder Service
CVSS 5.5
CVE-2023-40638 MEDIUM
Android - Missing Authorization in Telecom Service
CVSS 4.4
CVE-2023-40637 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Telecom Service
CVSS 5.5
CVE-2023-40636 MEDIUM
Android - Local Information Disclosure via Permission Usage Record Write
CVSS 4.4
CVE-2023-40635 HIGH
Android - Missing Authorization in linkturbo
CVSS 7.8
Details
Vulnerabilities 8,401
Exploit Likelihood High