Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,104 vulnerabilities with CWE-863

CVE-2020-3522 MEDIUM

Cisco Data Center Network Manager < 11.4(1) - Authenticated Authorization Bypass via Crafted URL

CVE-2020-19005 MEDIUM

zrlog 2.1.0 - Incorrect Authorization for Database Backup Download

CVE-2020-16241 MEDIUM

Philips SureSigns VS4 Firmware < a.07.107 - Improper Access Control

CVE-2020-9712 MEDIUM

Adobe Acrobat and Reader DC - Security Feature Bypass via Incorrect Authorization

CVE-2020-3472 MEDIUM

Cisco Webex Meetings - Info Disclosure

CVE-2020-3413 MEDIUM

Cisco Webex Meetings - Privilege Escalation

CVE-2020-3412 MEDIUM

Cisco Webex Meetings - Privilege Escalation

CVE-2020-8212 CRITICAL

Citrix XenMobile <10.12 - Privilege Escalation

CVE-2020-7583 HIGH

Siemens Automation License Manager 5.x and 6.x < 6.0.8 - Improper Authorization

CVE-2020-7300 MEDIUM

McAfee Data Loss Prevention < 11.3.28 - Authenticated Configuration Change via HTTP Post Messages

CVE-2020-2233 MEDIUM

Jenkins Pipeline Maven Integration Plugin <3.8.2 - Info Disclosure

CVE-2020-17448 HIGH

Telegram Desktop <2.1.13 - Info Disclosure

CVE-2020-12780 HIGH

Combodo iTop < 2.7.1 - Sensitive Information Exposure via Security Misconfiguration

CVE-2020-3386 HIGH

Cisco Data Center Network Manager < 11.4(1) - Authenticated Improper Authorization via REST API

CVE-2020-3374 CRITICAL

Cisco SD-WAN vManage Software - Auth Bypass

CVE-2020-14486 MEDIUM

OpenClinic GA 5.09.02 and 5.89.05b - Improper Authorization via Redirect Bypass

CVE-2020-15120 MEDIUM

I hate money <4.1.5 - Privilege Escalation

CVE-2020-15126 MEDIUM

Parser-Server <4.3.0 - Privilege Escalation

CVE-2020-15110 MEDIUM

jupyterhub-kubespawner <0.12 - Privilege Escalation

CVE-2020-3150 MEDIUM

Cisco Small Business RV110W/RV215W - Info Disclosure

CVE-2020-3140 CRITICAL

Cisco Prime License Manager - Privilege Escalation

CVE-2020-2228 HIGH

Jenkins Gitlab Auth Plugin <1.5 - Privilege Escalation

CVE-2020-7692 HIGH

Google OAuth Client Library for Java < 1.31.0 - Incorrect Authorization via Missing PKCE Implementation

CVE-2020-15513 MEDIUM

mittwald/typo3_forum < 1.2.1 - Incorrect Access Control

CVE-2020-5372 HIGH

Dell EMC PowerStore < 1.0.1.0.5.002 - Unauthenticated Denial of Service via Exposed Test Interface Ports

Previous Page 108 of 125 Next

Details

Vulnerabilities 3,104

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy