CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,403 vulnerabilities with CWE-862
CVE-2022-39108 HIGH
Music Service - Privilege Escalation
CVSS 7.8
CVE-2022-39107 HIGH
Soundrecorder - Privilege Escalation
CVSS 7.8
CVE-2022-39103 MEDIUM
Android Gallery Service - Unauthenticated Denial of Service via Missing Permission Check
CVSS 5.5
CVE-2022-39080 HIGH
Messaging Service - Privilege Escalation
CVSS 7.8
CVE-2022-38698 HIGH
Messaging Service - Privilege Escalation
CVSS 7.8
CVE-2022-38697 MEDIUM
Messaging Service - Info Disclosure
CVSS 5.5
CVE-2022-38689 MEDIUM
Telephony Service - Info Disclosure
CVSS 5.5
CVE-2022-38688 MEDIUM
Telephony Service - Info Disclosure
CVSS 5.5
CVE-2022-38687 MEDIUM
Android - Denial of Service via Missing Authorization in Messaging Service
CVSS 5.5
CVE-2022-38679 MEDIUM
Android - Missing Authorization Leading to Local Denial of Service in Music Service
CVSS 5.5
CVE-2022-38677 MEDIUM
Android - Unauthenticated Denial of Service in Cell Service
CVSS 5.5
CVE-2022-38670 HIGH
Soundrecorder Service - Privilege Escalation
CVSS 7.8
CVE-2022-38669 HIGH
Soundrecorder Service - Privilege Escalation
CVSS 7.8
CVE-2022-2985 HIGH
Android - Missing Authorization in Music Service Leading to Privilege Escalation
CVSS 7.8
CVE-2022-42488 HIGH
OpenHarmony 3.1-3.1.2 - Missing Authorization in Startup Subsystem Param Service
CVSS 8.4
CVE-2022-28866 HIGH
Nokia AirFrame BMC Web GUI < R18 - Info Disclosure
CVSS 8.8
CVE-2022-20434 HIGH
Android - Missing Authorization Leading to Local Privilege Escalation in System Service
CVSS 7.8
CVE-2022-20433 HIGH
Android - Missing Authorization Leading to Local Privilege Escalation
CVSS 7.8
CVE-2022-20432 HIGH
Android - Missing Authorization Leading to Local Privilege Escalation
CVSS 7.8
CVE-2022-20431 HIGH
Android - Missing Authorization Leading to Local Privilege Escalation
CVSS 7.8
CVE-2022-20430 HIGH
Android - Missing Authorization Leading to Local Privilege Escalation in System Service
CVSS 7.8
CVE-2022-20394 MEDIUM
Android - Local Information Disclosure via InputMethodManagerService
CVSS 5.0
CVE-2022-31765 HIGH
Siemens 6GK6108-4AM00-2BA2 and 6GK58xx Firmware < 7.1.2 - Missing Authorization for Password Change
CVSS 8.8
CVE-2022-2350 MEDIUM
Disable User Login < 1.0.1 - Unauthenticated Missing Authorization
CVSS 5.3
CVE-2022-39289 CRITICAL
ZoneMinder < 1.36.27 - Missing Authorization for Database Log Manipulation
CVSS 9.1
Details
Vulnerabilities 8,403
Exploit Likelihood High