CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,401 vulnerabilities with CWE-862
CVE-2023-4434 MEDIUM
hamza417/inure < build88 - Missing Authorization
CVSS 6.1
CVE-2023-3244 MEDIUM
Comments Like Dislike <1.1.9 - Info Disclosure
CVSS 4.3
CVE-2023-40344 MEDIUM
Jenkins Delphix Plugin < 3.0.2 - Credential ID Enumeration via Missing Permission Check
CVSS 4.3
CVE-2023-39507 MEDIUM
Rikunabi NEXT < 11.5.0 - Unauthenticated Arbitrary Website Access via Custom URL Scheme Handler
CVSS 6.1
CVE-2023-4374 MEDIUM
WP Remote Users Sync <1.2.11 - Info Disclosure
CVSS 4.3
CVE-2023-40027 LOW
Keystone < 5.5.1 - Unauthenticated Admin Meta Data Exposure via GraphQL Query
CVSS 3.7
CVE-2023-39438 HIGH
SAP Contributor License Agreement Assistant < 2.13.1 - Authenticated Missing Authorization
CVSS 8.1
CVE-2023-21288 MEDIUM
Android - Missing Authorization in Notification URI Handling
CVSS 5.5
CVE-2023-21234 MEDIUM
Android - Missing Authorization in ChooseLockSettingsHelper
CVSS 5.5
CVE-2023-21140 MEDIUM
Android - Local Privilege Escalation via Missing Permission Check in ManagePermissionsActivity
CVSS 6.8
CVE-2023-21134 MEDIUM
Android - Local Privilege Escalation via Missing Permission Check in ManagePermissionsActivity
CVSS 6.8
CVE-2023-21133 MEDIUM
Android - Local Privilege Escalation via Missing Permission Check in ManagePermissionsActivity
CVSS 6.8
CVE-2023-21132 MEDIUM
Android - Local Privilege Escalation via Missing Permission Check in ManagePermissionsActivity
CVSS 6.8
CVE-2023-4106 MEDIUM
Mattermost 7.8.0-7.8.7 and 7.9.0-7.9.5 - Missing Authorization for Public Playbook Actions
CVSS 6.3
CVE-2023-4105 LOW
Mattermost 7.8.0-7.8.7 and 7.9.0-7.9.5 - Missing Authorization for Deleted Message Attachments
CVSS 3.1
CVE-2023-39966 HIGH
1Panel 1.4.3-<1.5.0 - Unauthenticated Arbitrary File Write via SaveContent Function
CVSS 7.5
CVE-2023-40216 MEDIUM
OpenBSD 7.3 - Denial of Service via Crafted DCS or CSI Terminal Escape Sequences
CVSS 5.5
CVE-2023-4282 MEDIUM
EmbedPress <3.8.2 - Info Disclosure
CVSS 5.4
CVE-2023-37862 HIGH
Phoenixcontact WP 6070-wvps Firmware < 4.0.10 - Missing Authorization
CVSS 8.2
CVE-2023-37860 HIGH
PHOENIX CONTACT WP 6xxx Series Firmware < 4.0.10 - Unauthenticated SNMP Community String Exposure
CVSS 7.5
CVE-2023-37492 MEDIUM
SAP NetWeaver Application Server ABAP - Missing Authorization Checks
CVSS 4.9
CVE-2023-33912 MEDIUM
Android - Local Information Disclosure via Contacts Service Missing Permission Check
CVSS 5.5
CVE-2023-33911 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in VoWiFi Service
CVSS 5.5
CVE-2023-33910 MEDIUM
Contacts Service - Info Disclosure
CVSS 5.5
CVE-2023-33909 MEDIUM
Android - Missing Authorization in Contacts Service
CVSS 5.5
Details
Vulnerabilities 8,401
Exploit Likelihood High