Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,108 vulnerabilities with CWE-863

CVE-2018-0337 HIGH

Cisco NX-OS - Authenticated Command Injection via File System Input Validation Bypass

CVE-2018-8927 MEDIUM

Synology Calendar < 2.1.2-0511 - Authenticated Arbitrary Event Creation via cal_id or original_cal_id Parameter

CVE-2018-0338 HIGH

Cisco Unified Computing System - Authenticated Command Injection via CLI

CVE-2018-1000197 HIGH

Jenkins Black Duck Hub Plugin <3.0.3 - Auth Bypass

CVE-2018-11142 MEDIUM

Quest KACE System Management Appliance 8.0.318 - Unauthenticated Incorrect Authorization via Host Header Bypass

CVE-2018-1000155 CRITICAL

OpenFlow 1.0 onwards - Denial of Service and Improper Authorization via DPID Trust in Handshake

CVE-2018-1463 MEDIUM

IBM SAN Volume Controller - Privilege Escalation

CVE-2018-1462 HIGH

IBM SAN Volume Controller - Privilege Escalation

CVE-2018-1278 MEDIUM

Pivotal Application Service 1.12.0-1.12.21 - Incorrect Authorization in Apps Manager

CVE-2018-1258 HIGH

Spring Security - Incorrect Authorization Bypass via Method Security

CVE-2018-0278 MEDIUM

Cisco Secure Firewall Management Center - Unauthenticated Sensitive Information Exposure via WebSocket

CVE-2018-5520 MEDIUM

F5 BIG-IP <13.1.0.5 - Privilege Escalation

CVE-2018-10212 MEDIUM

Vaultize Enterprise File Sharing <17.05.31 - Privilege Escalation

CVE-2018-0269 MEDIUM

Cisco Digital Network Architecture Center - Unauthenticated Sensitive Information Exposure via CORS Misconfiguration

CVE-2018-7245 CRITICAL

Schneider Electric 66074 MGE Network Management Card Transverse - Unauthenticated Parameter Modification via Web Server

CVE-2018-1000152 MEDIUM

Jenkins vSphere Plugin <2.16 - Privilege Escalation

CVE-2018-1057 HIGH

Canonical Ubuntu Linux < 4.5.16 - Incorrect Authorization

CVE-2018-1000114 MEDIUM

Jenkins Promoted Builds Plugin <2.31.1 - Privilege Escalation

CVE-2018-1000112 MEDIUM

Jenkins Mercurial Plugin <2.2 - Info Disclosure

CVE-2018-1000111 MEDIUM

Jenkins Subversion Plugin <2.10.2 - Auth Bypass

CVE-2018-1000110 MEDIUM

Jenkins Git Plugin <3.7.0 - Auth Bypass

CVE-2018-1000109 MEDIUM

Jenkins Google Play Android Publisher Plugin <1.6 - Auth Bypass

CVE-2018-1000107 MEDIUM

Jenkins Job and Node Ownership Plugin <0.11.0 - Privilege Escalation

CVE-2018-1000106 MEDIUM

Jenkins Gerrit Trigger Plugin <2.27.4 - Privilege Escalation

CVE-2018-1000105 MEDIUM

Jenkins Gerrit Trigger Plugin <2.27.4 - Auth Bypass

Previous Page 119 of 125 Next

Details

Vulnerabilities 3,108

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy