CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,401 vulnerabilities with CWE-862
CVE-2023-1414 MEDIUM
WP VR <8.3.0 - CSRF
CVSS 4.3
CVE-2023-2193 MEDIUM
Mattermost - Missing Authorization via OAuth2 App Deauthorization
CVSS 6.5
CVE-2023-21094 HIGH
Android - Missing Authorization in LayerState.cpp
CVSS 7.8
CVE-2023-21091 MEDIUM
Android 13 - Unauthenticated Denial of Service via AppLocalePickerActivity Locale Change
CVSS 5.5
CVE-2023-20909 MEDIUM
Android - Missing Authorization in RunningTasks.java
CVSS 5.5
CVE-2023-25552 HIGH
StruxureWare Data Center Expert < 7.9.2 - Missing Authorization via Device File Transfer Settings
CVSS 8.1
CVE-2023-1371 MEDIUM
W4 Post List < 2.4.6 - Authenticated Missing Authorization for Password-Protected Posts
CVSS 6.5
CVE-2023-29529 MEDIUM
matrix-js-sdk < 24.1.0 - Unauthenticated Eavesdropping via MSC3401 Group Call Implementation
CVSS 5.0
CVE-2023-30532 MEDIUM
Jenkins TurboScript < 1.3 - Missing Authorization for Build Triggering
CVSS 6.5
CVE-2023-30526 MEDIUM
Jenkins Report Portal Plugin < 0.5 - Missing Authorization for URL Connection with Bearer Token
CVSS 6.5
CVE-2023-30522 MEDIUM
Jenkins Fogbugz Plugin < 2.2.17 - Missing Authorization via Jobname Parameter
CVSS 4.3
CVE-2023-30521 MEDIUM
Jenkins Assembla Merge Request Builder < 1.1.13 - Unauthenticated Build Triggering
CVSS 5.3
CVE-2023-30519 MEDIUM
Jenkins Quay.io trigger Plugin 0.1 - Unauthenticated Missing Authorization
CVSS 5.3
CVE-2023-30518 MEDIUM
Jenkins Thycotic Secret Server Plugin < 1.0.2 - Missing Authorization for Credential ID Enumeration
CVSS 4.3
CVE-2023-1903 MEDIUM
SAP HCM Fiori App My Forms <605 - Info Disclosure
CVSS 4.3
CVE-2023-1931 MEDIUM
WP Fastest Cache <1.1.2 - Info Disclosure
CVSS 4.3
CVE-2023-1930 MEDIUM
WP Fastest Cache <1.1.2 - Info Disclosure
CVSS 4.3
CVE-2023-1929 MEDIUM
WP Fastest Cache <1.1.2 - Privilege Escalation
CVSS 4.3
CVE-2023-1928 MEDIUM
WP Fastest Cache <1.1.2 - Info Disclosure
CVSS 4.3
CVE-2023-1167 MEDIUM
GitLab 12.3.0-15.8.4, 15.9.0-15.9.3, 15.10.0 - Unauthenticated Security Report Access in Merge Requests
CVSS 5.3
CVE-2023-1782 CRITICAL
HashiCorp Nomad <1.5.3 - Auth Bypass
CVSS 9.9
CVE-2023-1868 MEDIUM
YourChannel <1.2.3 - Info Disclosure
CVSS 6.5
CVE-2023-1865 MEDIUM
YourChannel WordPress <1.2.3 - Info Disclosure
CVSS 6.5
CVE-2023-26269 HIGH
Apache James <3.7.3 - Privilege Escalation
CVSS 7.8
CVE-2023-28675 MEDIUM
Jenkins OctoPerf Load Testing Plugin <4.5.2 - Privilege Escalation
CVSS 4.3
Details
Vulnerabilities 8,401
Exploit Likelihood High