Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,108 vulnerabilities with CWE-863

CVE-2018-6316 HIGH

Ivanti Endpoint Security < 8.5 Update 1 - Authenticated Application Whitelisting Bypass in Lockdown Mode

CVE-2018-0110 HIGH

Cisco WebEx Meetings Server - Authenticated Remote Support Account Access Bypass

CVE-2018-0096 MEDIUM

Cisco Prime Infrastructure - Authenticated Privilege Escalation via RBAC Bypass

CVE-2018-2361 HIGH

SAP Solution Manager 7.20 - Incorrect Authorization in SAP_BPO_CONFIG Role

CVE-2018-0803 MEDIUM

Microsoft Edge - Cross-Domain Information Disclosure and Injection via Policy Enforcement Flaw

CVE-2017-9453 CRITICAL

BMC Server Automation <8.9.01 - Auth Bypass

CVE-2017-20066 MEDIUM

Adminer Login <1.4.4 - Info Disclosure

CVE-2017-16778 MEDIUM

Fermax Outdoor Panel - Privilege Escalation

CVE-2017-8276 HIGH

Qualcomm Snapdragon Firmware - Incorrect Authorization in TrustZone Fuse

CVE-2017-17708 MEDIUM

Pleasant Password Server < 7.8.3 - Authenticated Incorrect Authorization

CVE-2017-2632 MEDIUM

CloudForms Management Engine < 5.7.1.3 - Privilege Escalation via Role Validation Logic Error

CVE-2017-7470 MEDIUM

Spacewalk-channel - Privilege Escalation

CVE-2017-3183 HIGH

Sage XRT Treasury 3 - Authenticated Authorization Bypass via USER_CODE Manipulation

CVE-2017-2673 MEDIUM

OpenStack Keystone >=9.0.0 - Authenticated Incorrect Authorization in Federation Configurations

CVE-2017-16773 MEDIUM

Synology Universal Search <1.0.5-0135 - Auth Bypass

CVE-2017-15695 HIGH

Apache Geode 1.0.0-1.4.0 - Remote Code Execution via Internal Function Invocation

CVE-2017-2611 MEDIUM

Jenkins <2.44, 2.32.2 - Privilege Escalation

CVE-2017-1700 MEDIUM

IBM Rational Collaborative Lifecycle Management 5.0-6.0.4 DoS via Resource Intensive Scenarios

CVE-2017-12196 MEDIUM

undertow <1.4.18.SP1-2.0.2.Final - SSRF

CVE-2017-2599 MEDIUM

Jenkins < 2.44 and < 2.32.2 - Incorrect Authorization via Item Overwrite

CVE-2017-1766 MEDIUM

IBM Business Process Manager 8.6 - Incorrect Authorization

CVE-2017-0920 MEDIUM

GitLab <10.1.6, 10.2.6, 10.3.4 - Auth Bypass

CVE-2017-0927 MEDIUM

GitLab 8.16.0-9.5.9 - Unauthenticated Improper Authorization in Deployment Keys

CVE-2017-0926 HIGH

GitLab 8.8.0-9.5.9 - Unauthenticated Unauthorized User Login via OAuth Sign-In

CVE-2017-0922 HIGH

GitLab 9.1.0-9.5.10 - Authorization Bypass in Projects::BoardsController

Previous Page 120 of 125 Next

Details

Vulnerabilities 3,108

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy