CWE-862

Exploit likelihood: High

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,402 vulnerabilities with CWE-862
CVE-2023-24453 MEDIUM
Jenkins TestQuality Updater Plugin <1.3 - Open Redirect
CVSS 6.5
CVE-2023-24451 MEDIUM
Jenkins Cisco Spark Notifier Plugin <1.1.1 - Info Disclosure
CVSS 4.3
CVE-2023-24448 MEDIUM
Jenkins RabbitMQ Consumer Plugin <2.8 - Privilege Escalation
CVSS 6.5
CVE-2023-24438 MEDIUM
Jenkins JIRA Pipeline Steps Plugin <2.0.165.v8846cf59f3db - SSRF
CVSS 6.5
CVE-2023-24436 MEDIUM
Jenkins GitHub Pull Request Builder Plugin <1.42.2 - Info Disclosure
CVSS 4.3
CVE-2023-24435 MEDIUM
Jenkins GitHub Pull Request Builder Plugin <1.42.2 - SSRF
CVSS 6.5
CVE-2023-24433 MEDIUM
Jenkins Orka by MacStadium Plugin <1.31 - Privilege Escalation
CVSS 6.5
CVE-2023-24431 MEDIUM
Jenkins Orka by MacStadium Plugin <1.31 - Info Disclosure
CVSS 4.3
CVE-2023-23611 MEDIUM
xblock-lti-consumer 7.0.0-7.2.1 - Missing Authorization via resource_link_id Field
CVSS 5.4
CVE-2023-22736 HIGH
Argo CD 2.5.0-2.5.7 and 2.6.0-rc4 - Missing Authorization via Sharded Application Controller
CVSS 8.5
CVE-2023-20916 HIGH
Android - Missing Authorization Check in LauncherAppsService
CVSS 7.8
CVE-2023-20912 HIGH
Android 13 - Missing Authorization in AvatarPickerActivity
CVSS 7.8
CVE-2023-0447 MEDIUM
My YouTube Channel <3.0.12.1 - Auth Bypass
CVSS 4.3
CVE-2023-0404 MEDIUM
Events Made Easy <= 2.3.16 - Authenticated Authorization Bypass via AJAX Functions
CVSS 5.4
CVE-2023-0402 MEDIUM
Social Warfare <4.3.0 - Auth Bypass
CVSS 5.4
CVE-2023-0242 HIGH
Rapid7 Velociraptor - Privilege Escalation
CVSS 8.8
CVE-2023-22478 HIGH
KubePi < 1.6.4 - Missing Authorization
CVSS 7.3
CVE-2023-0293 MEDIUM
Mediamatic - Media Library Folders <2.8.1 - Auth Bypass
CVSS 4.3
CVE-2023-22489 LOW
Flarum 1.3.0-1.6.2 - Missing Authorization for Discussion Replies via REST API
CVSS 3.5
CVE-2023-22488 MEDIUM
Flarum < 1.6.3 - Missing Authorization in Notification-Sending Component
CVSS 6.8
CVE-2022-45813 MEDIUM
WordPress Advanced AJAX Product Filters plugin <= 1.6.3.3 - Broken Access Control + CSRF
CVSS 5.4
CVE-2022-42479 MEDIUM
WordPress Soledad premium theme <= 8.2.5 - Broken Access Control vulnerability
CVSS 5.4
CVE-2022-41656 MEDIUM
WordPress Account Manager for WooCommerce plugin <= 2.1.2 - Broken Access Control vulnerability
CVSS 4.3
CVE-2022-41650 MEDIUM
Custom Content by Country <3.1.2 - Auth Bypass
CVSS 6.5
CVE-2022-47425 MEDIUM
ARMember <= 3.4.10 - Missing Authorization
CVSS 4.3