Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,104 vulnerabilities with CWE-863

CVE-2020-15246 HIGH

October CMS <1.0.469 - Info Disclosure

CVE-2020-28053 MEDIUM

HashiCorp Consul 1.2.0-1.8.5 - Incorrect Authorization for Connect CA Private Key

CVE-2020-28211 HIGH

EcoStruxure Control Expert - Incorrect Authorization via Debugger Memory Overwrite

CVE-2020-25701 MEDIUM

Moodle 3.5.0-3.5.14, 3.7.0-3.7.8, 3.8.0-3.8.5, 3.9.0-3.9.2 - Improper Access Control via Upload Course Tool

CVE-2020-25699 HIGH

Moodle 3.5.0-3.5.14, 3.7.0-3.7.8, 3.8.0-3.8.5, 3.9.0-3.9.2 - Incorrect Authorization in Course Restore

CVE-2020-8278 MEDIUM

Nextcloud Social <0.3.1 - Info Disclosure

CVE-2020-26223 HIGH

Spree 3.7.0-3.7.12 - Incorrect Authorization via API v2 Order Status Endpoint

CVE-2020-11209 MEDIUM

Qualcomm Sd820 Firmware - Incorrect Authorization

CVE-2020-17049 MEDIUM

Windows Server 2012, 2016, 2019 and Samba 4.1.0-4.13.12 - Security Feature Bypass in Kerberos Constrained Delegation

CVE-2020-25655 MEDIUM

Red Hat Advanced Cluster Management for Kubernetes - Incorrect Authorization in ManagedClusterView API

CVE-2020-24401 MEDIUM

Magento <2.4.0-2.3.5p1 - Auth Bypass

CVE-2020-3600 HIGH

Cisco SD-WAN Software - Privilege Escalation

CVE-2020-3592 MEDIUM

Cisco SD-WAN vManage < 20.1.12 - Authenticated Authorization Bypass via Crafted HTTP Requests

CVE-2020-26506 MEDIUM

Marmind 4.1.141.0 - Authorization Bypass

CVE-2020-15278 HIGH

Red Discord Bot <3.4.1 - Privilege Escalation

CVE-2020-3852 MEDIUM

Safari < 13.0.5 - Incorrect Authorization via URL Scheme Handling

CVE-2020-3578 MEDIUM

Cisco ASA/Firepower Threat Defense WebVPN Portal Unauthenticated Access Rule Bypass

CVE-2020-27609 MEDIUM

BigBlueButton <2.2.28 - Info Disclosure

CVE-2020-6362 MEDIUM

SAP Banking Services 500 - Privilege Escalation

CVE-2020-16904 MEDIUM

Azure Functions - Unauthenticated Incorrect Authorization

CVE-2020-12503 HIGH

Pepperl+Fuchs P+F Comtrol - Authenticated Command Injection

CVE-2020-27156 CRITICAL

Veritas APTARE < 10.5 - Unauthenticated Remote Code Execution

CVE-2020-13957 CRITICAL

Apache Solr 6.6.0-6.6.6 7.0.0-7.7.3 8.0.0-8.6.2 - Unauthenticated ConfigSet Upload Bypass

CVE-2020-15251 HIGH

Sopel <1.0.3 - Privilege Escalation

CVE-2020-3467 HIGH

Cisco Identity Services Engine - Authenticated Incorrect Authorization via Web-Based Management Interface

Previous Page 106 of 125 Next

Details

Vulnerabilities 3,104

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy