CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,401 vulnerabilities with CWE-862
CVE-2023-33908 MEDIUM
Android - Missing Authorization in IMS Service
CVSS 5.5
CVE-2023-33907 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Contacts Service
CVSS 5.5
CVE-2023-33906 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in Contacts Service
CVSS 5.5
CVE-2023-38494 MEDIUM
MeterSphere <2.10.4 LTS - Info Disclosure
CVSS 5.9
CVE-2023-30950 MEDIUM
Palantir Foundry Campaigns Service - Information Disclosure
CVSS 6.5
CVE-2023-4124 MEDIUM
answer < 1.1.1 - Missing Authorization
CVSS 6.5
CVE-2023-3426 MEDIUM
Liferay Portal 7.4.3.81-7.4.3.85 and DXP 7.4 update 81-85 - Authenticated Missing Authorization in Organization Selector
CVSS 4.3
CVE-2023-38989 MEDIUM
jeesite <1.2.6 - Privilege Escalation
CVSS 4.3
CVE-2023-0958 MEDIUM
WordPress by Inisev - Privilege Escalation
CVSS 4.3
CVE-2023-38510 HIGH
Tolgee 3.14.0-3.23.0 - Missing Authorization via API Key Permission Bypass
CVSS 8.1
CVE-2023-3956 CRITICAL
InstaWP Connect <0.0.9.18 - Info Disclosure
CVSS 9.8
CVE-2023-3442 HIGH
Jenkins ServiceNow DevOps < 1.38.1 - Missing Authorization
CVSS 7.7
CVE-2023-37049 MEDIUM
emlog 2.1.9 - Arbitrary File Deletion via admin/template.php
CVSS 6.5
CVE-2023-26301 CRITICAL
HP LaserJet Pro - Privilege Escalation/Info Disclosure
CVSS 9.8
CVE-2023-3300 MEDIUM
HashiCorp Nomad <1.5.6-1.4.1 - Info Disclosure
CVSS 5.3
CVE-2023-3072 MEDIUM
HashiCorp Nomad <1.5.6-1.4.10 - Info Disclosure
CVSS 4.1
CVE-2023-33265 HIGH
Hazelcast <5.0.4, 5.1<5.1.6, 5.2<5.2.3 - Privilege Escalation
CVSS 8.8
CVE-2023-3714 HIGH
ProfileGrid <= 5.5.2 - Authenticated Missing Authorization in edit_group Handler
CVSS 7.5
CVE-2023-3713 HIGH
ProfileGrid < 5.5.1 - Authenticated Arbitrary Site Options Update via Missing Capability Check
CVSS 8.8
CVE-2023-3403 MEDIUM
ProfileGrid plugin <5.5.1 - Info Disclosure
CVSS 5.4
CVE-2023-3587 LOW
Mattermost 7.8.0-7.8.6 - Missing Authorization in Board Sharing
CVSS 2.7
CVE-2023-2268 HIGH
Plane 0.7.1 - Unauthenticated Arbitrary File Read
CVSS 7.1
CVE-2023-21257 HIGH
Android - Missing Authorization in InstallPackageHelper
CVSS 7.8
CVE-2023-21248 HIGH
Android - Missing Authorization in WifiScanningMainSwitchPreferenceController
CVSS 7.8
CVE-2023-21247 HIGH
Android - Local Privilege Escalation via Bluetooth Scanning Main Switch Preference Controller
CVSS 7.8
Details
Vulnerabilities 8,401
Exploit Likelihood High