Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,104 vulnerabilities with CWE-863

CVE-2018-17857 MEDIUM

Joomla! < 3.8.13 - Incorrect Authorization in Tags Search Fields

CVE-2018-1000805 HIGH

Paramiko 2.4.1 2.3.2 2.2.3 2.1.5 2.0.8 1.18.5 1.17.6 - Remote Code Execution via SSH Server Incorrect Access Control

CVE-2018-15405 MEDIUM

Cisco UCS Director - Authenticated Information Disclosure via Improper Authorization Check

CVE-2018-0460 MEDIUM

Cisco Enterprise NFV Infrastructure Software - Authenticated Arbitrary File Read via REST API

CVE-2018-0459 MEDIUM

Cisco Enterprise NFV Infrastructure Software - Authenticated Denial of Service via Web Management Interface

CVE-2018-9492 HIGH

Android 8.0-9.0 - Unauthenticated Permissions Bypass in ActivityManagerService

CVE-2018-1250 MEDIUM

Dell EMC Unity and UnityVSA < 4.3.1.1525703027 - Authenticated Authorization Bypass via NAS Server API

CVE-2018-16597 MEDIUM

Linux Kernel < 4.8 - Incorrect Authorization in OverlayFS Mounts

CVE-2018-7929 MEDIUM

Huawei Mate RS <NEO-AL00D 8.1.0.167 - Auth Bypass

CVE-2018-1999047 MEDIUM

Jenkins <2.137-2.121.2 - Auth Bypass

CVE-2018-15468 MEDIUM

Xen < 4.11.0 - Denial of Service via DEBUGCTL MSR Configuration

CVE-2018-10925 HIGH

Canonical Ubuntu Linux < 9.5.14 - Incorrect Authorization

CVE-2018-3778 MEDIUM

aedes < 0.35.0 - Improper Authorization

CVE-2018-5489 MEDIUM

NetApp 7-Mode Transition Tool <2.0 - Privilege Escalation

CVE-2018-7957 LOW

Huawei Victoria-AL00 8.0.0.336a - Info Disclosure

CVE-2018-11047 HIGH

Cloud Foundry UAA 4.5.0-4.5.6, 4.7.0-4.7.5, 4.10.0-4.10.1, 4.12.0-4.12.3, 4.19.0-4.19.1 - Incorrect Authorization

CVE-2018-1999004 MEDIUM

Jenkins <2.132-2.121.1 - Privilege Escalation

CVE-2018-1999003 MEDIUM

Jenkins <2.132-2.121.1 - Privilege Escalation

CVE-2018-1245 CRITICAL

RSA Identity Governance and Lifecycle 7.0.1, 7.0.2, 7.1.0 - Authenticated Authorization Bypass in Workflow Architect

CVE-2018-13109 HIGH

Adbglobal Dv2210 Firmware - Incorrect Authorization

CVE-2018-12103 MEDIUM

D-Link DIR-890L/885L/895L <1.21b02beta01/1.21b03beta01/1.21b04beta01 - CAPTCHA Bypass

CVE-2018-0337 HIGH

Cisco NX-OS - Authenticated Command Injection via File System Input Validation Bypass

CVE-2018-8927 MEDIUM

Synology Calendar < 2.1.2-0511 - Authenticated Arbitrary Event Creation via cal_id or original_cal_id Parameter

CVE-2018-0338 HIGH

Cisco Unified Computing System - Authenticated Command Injection via CLI

CVE-2018-1000197 HIGH

Jenkins Black Duck Hub Plugin <3.0.3 - Auth Bypass

Previous Page 118 of 125 Next

Details

Vulnerabilities 3,104

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy