CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,407 vulnerabilities with CWE-862
CVE-2022-24317 HIGH
Schneider-electric Interactive Graphical Scada System Data Server < 15.0.0.22020 - Missing Authorization
CVSS 7.5
CVE-2022-22535 MEDIUM
SAP ERP HCM Portugal - Info Disclosure
CVSS 6.5
CVE-2022-20043 HIGH
Android - Missing Authorization in Bluetooth
CVSS 7.8
CVE-2022-20041 HIGH
Android - Missing Authorization in Bluetooth
CVSS 7.8
CVE-2022-20024 HIGH
Google Android System Service - Privilege Escalation
CVSS 7.8
CVE-2022-23621 MEDIUM
XWiki < 12.10.9, 13.4.3, >=13.6-rc-1 <13.7-rc-1 - Arbitrary File Read via XWiki#invokeServletAndReturnAsString
CVSS 5.5
CVE-2022-23617 MEDIUM
XWiki Platform < 12.10.6 - Missing Authorization via Page Template Copy
CVSS 6.5
CVE-2022-21660 HIGH
gin-vue-admin < 2.4.6 - Missing Authorization in setUserInfo Function
CVSS 8.1
CVE-2022-24450 HIGH
NATS nats-server <2.7.2 - Privilege Escalation
CVSS 8.8
CVE-2022-0218 HIGH
WP HTML Mail <3.0.9 - Info Disclosure
CVSS 8.3
CVE-2022-0203 MEDIUM
GitHub crater-invoice/crater <6.0.2 - Info Disclosure
CVSS 5.3
CVE-2022-23945 HIGH
Apache ShenYu 2.4.0-2.4.1 - Unauthenticated Missing Authorization via HTTP Registration
CVSS 7.5
CVE-2022-23944 CRITICAL
Apache ShenYu <2.4.1 - Info Disclosure
CVSS 9.1
CVE-2022-21707 MEDIUM
wasmCloud Host Runtime < 0.52.2 - Missing Authorization for Actor Capability Claims
CVSS 6.3
CVE-2022-0236 HIGH
Vjinfotech WP Import Export WordPress Plugin <= 3.9.15 - Sensitive Data Disclosure
CVSS 7.5
CVE-2022-0152 MEDIUM
GitLab <14.4.5-14.6.2 - Info Disclosure
CVSS 6.5
CVE-2022-0125 MEDIUM
GitLab <14.4.5-14.6.2 - Privilege Escalation
CVSS 4.3
CVE-2022-0178 MEDIUM
snipe/snipe-it <5.3.8 - Info Disclosure
CVSS 6.3
CVE-2022-23112 MEDIUM
Jenkins Publish Over SSH Plugin < 1.22 - Missing Authorization for SSH Server Connection
CVSS 6.5
CVE-2022-20620 MEDIUM
Jenkins SSH Agent Plugin <1.23 - Info Disclosure
CVSS 4.3
CVE-2022-20618 MEDIUM
Jenkins Bitbucket Branch Source Plugin < 737.vdf9dc06105be - Missing Authorization for Credential ID Enumeration
CVSS 4.3
CVE-2022-20616 MEDIUM
Jenkins Credentials Binding Plugin <1.27 - Privilege Escalation
CVSS 4.3
CVE-2022-20614 MEDIUM
Jenkins Mailer Plugin <391.ve4a_38c1f - Info Disclosure
CVSS 4.3
CVE-2022-0179 MEDIUM
snipe-it < 5.3.7 - Missing Authorization
CVSS 5.4
CVE-2022-22111 HIGH
DayByDay CRM <2.2.0 - Privilege Escalation
CVSS 8.8
Details
Vulnerabilities 8,407
Exploit Likelihood High