Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,104 vulnerabilities with CWE-863

CVE-2020-12875 MEDIUM

Veritas APTARE <10.4 - Info Disclosure

CVE-2020-1998 MEDIUM

PAN-OS 7.1.0-7.1.25 - Authentication Bypass via SAML Username Sharing

CVE-2020-8151 HIGH

Active Resource <v5.1.1 - Info Disclosure

CVE-2020-12691 HIGH

OpenStack Keystone <16.0.0 - Privilege Escalation

CVE-2020-7921 MEDIUM

MongoDB Server <4.2.3, <4.0.15, <4.3.3, <3.6.18 - Auth Bypass

CVE-2020-4446 MEDIUM

IBM Business Process Manager 8.0-8.6 and Business Automation Workflow 18.0-19.0 - Incorrect Authorization

CVE-2020-2188 MEDIUM

Jenkins Amazon EC2 Plugin < 1.50.1 - Unauthenticated Credential ID Enumeration via Form Methods

CVE-2020-5343 HIGH

Dell OS Recovery Image for Windows 10 < 2019-12-20 - Unauthorized Access via Insecure Permissions

CVE-2020-5333 MEDIUM

RSA Archer < 6.7.0.3 - Authenticated Authorization Bypass in REST API

CVE-2020-12477 HIGH

TeamPass 2.1.27.36 - IP Whitelist Bypass via X-Forwarded-For Header

CVE-2020-10786 HIGH

Vesta Control Panel <0.9.8-26 - RCE

CVE-2020-11753 HIGH

Sonatype Nexus Repository Manager 3.21.1 and 3.22.0 - Incorrect Authorization

CVE-2020-5293 MEDIUM

PrestaShop 1.7.0.0-1.7.6.5 - Improper Access Control on Product Page

CVE-2020-5288 MEDIUM

PrestaShop 1.7.0.0-1.7.6.5 - Improper Access Control on Product Attributes Page

CVE-2020-5287 MEDIUM

PrestaShop 1.5.5.0-1.7.6.5 - Improper Access Control in Customer Search

CVE-2020-5279 MEDIUM

PrestaShop 1.5.0.0-1.7.6.5 - Improper Access Control in Legacy Controllers

CVE-2020-0981 HIGH

Windows 10 and Windows Server 2016 - Security Feature Bypass via Token Handling

CVE-2020-6214 MEDIUM

SAP S/4HANA 100 - Privilege Escalation

CVE-2020-11707 HIGH

ProVide < 13.1 - Sandbox Escape via Symlink or Junction

CVE-2020-11628 MEDIUM

EJBCA < 6.15.2.6 and 7.x < 7.3.1.2 - Protocol Access Control Bypass via URI Manipulation

CVE-2020-8142 MEDIUM

Revive Adserver <5.0.5 - Auth Bypass

CVE-2020-5275 HIGH

Symfony security-http < 4.4.7 - Improper Authorization via Access Control Rule Bypass

CVE-2020-10510 HIGH

Sunnet eHRD - Incorrect Authorization via Specific URL

CVE-2020-1796 MEDIUM

HUAWEI Mate 20 and Mate 30 Pro Firmware - Incorrect Authorization

CVE-2020-10239 HIGH

Joomla! 3.7.0-3.9.15 - Incorrect Access Control in com_fields SQL Fieldtype

Previous Page 110 of 125 Next

Details

Vulnerabilities 3,104

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy