Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,109 vulnerabilities with CWE-863

CVE-2016-20002 CRITICAL

REST/JSON Project 7.x-1.x - Auth Bypass

CVE-2016-20001 CRITICAL

REST/JSON Project 7.x-1.x - Auth Bypass

CVE-2016-6591 HIGH

Symantec Norton App Lock <1.0.3.186 - Auth Bypass

CVE-2016-6353 MEDIUM

Cloudera Search <5.7.0 - Info Disclosure

CVE-2016-4572 HIGH

Cloudera CDH - Incorrect Authorization in Impala REVOKE ALL ON SERVER Command

CVE-2016-3131 MEDIUM

Cloudera CDH < 5.6.1 - Authorization Bypass via Direct Internal API Calls

CVE-2016-10996 MEDIUM

OptinMonster < 1.1.4.6 - Unauthenticated Incorrect Authorization via Nonce Leak

CVE-2016-9575 MEDIUM

FreeIPA 4.2.x, 4.3.x < 4.3.3, 4.4.x < 4.4.3 - Authenticated Certificate Profile Modification via certprofile-mod Command

CVE-2016-6797 HIGH

Apache Tomcat 6.0.0-6.0.45, 7.0.0-7.0.70, 8.0.0.RC1-8.0.36, 8.5.0-8.5.4, 9.0.0.M1-9.0.0.M9 - Incorrect Authorization

CVE-2016-4178 MEDIUM

Adobe Flash Player <18.0.0.366,19.x-22.x - Auth Bypass

CVE-2016-4514 HIGH

Moxa PT-7728 3.4 build 15081113 - Authenticated Configuration Change via Local Proxy

CVE-2015-10033 LOW

merlinsboard < 2015-03-19 - Improper Authorization in Grade Handler

CVE-2015-1780 MEDIUM

oVirt Engine - Incorrect Authorization via Storage Domain Attachment

QEMU < 2.3.1 - Incorrect Authorization in PCI Config Space

CVE-2014-7914 HIGH

Android < 5.1 - Incorrect Authorization via Bluetooth Pairing Bypass

CVE-2014-0169 MEDIUM

JBoss Enterprise Application Platform 6 - Incorrect Authorization via Shared Security Domain Cache

Apache HTTP Server 2.3.x and 2.4.x <= 2.4.10 - Incorrect Authorization via mod_lua Module

OpenStack Keystone < 2013.2.4 - Authenticated Incorrect Authorization via V2 API Trust Token Request

CVE-2013-4228 MEDIUM

Organic Groups 7.x-2.x < 7.x-2.3 - Authenticated Private Group Access Bypass

CVE-2013-2673 MEDIUM

Brother MFC-9970CDW <1.10 - Auth Bypass

CVE-2013-2198 CRITICAL

Login Security 6.x-1.0-6.x-1.2 and 7.x-1.x - Incorrect Authorization via Crafted Username

CVE-2013-1350 CRITICAL

Veraxsystems Network Management System - Incorrect Authorization

CVE-2013-2574 HIGH

FOSCAM IP Camera FI8620 - Info Disclosure

CVE-2013-4862 HIGH

MiCasaVerde VeraLite <1.5.408 - Privilege Escalation

CVE-2013-4985 HIGH

Vivotek IP7160 IP7361 IP8332 Firmware - Unauthenticated RTSP Authentication Bypass

Previous Page 123 of 125 Next

Details

Vulnerabilities 3,109

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy