Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,098 vulnerabilities with CWE-863

CVE-2023-28634 HIGH

GLPI <9.5.13, <10.0.7 - Privilege Escalation

CVE-2023-1603 MEDIUM

Dovolations Server <2022.3.13 - Privilege Escalation

CVE-2023-1202 MEDIUM

Devolutions Remote Desktop Manager < 2023.1.10 - Permission Bypass via Entry ID Collision

CVE-2023-23594 CRITICAL

Sato CL4NX Plus Firmware < 1.13.3-u724_r2 - Unauthenticated Authentication Bypass

CVE-2023-26829 CRITICAL

Gladinet CentreStack <13.5.9808 - Auth Bypass

CVE-2023-22251 MEDIUM

Adobe Commerce <2.4.4-p2, <2.4.5-p1 - Info Disclosure

CVE-2023-1144 HIGH

InfraSuite Device Master < 1.0.5 - Unauthenticated Privilege Escalation via Device-Gateway Service

CVE-2023-1136 CRITICAL

InfraSuite Device Master < 1.0.5 - Unauthenticated Authentication Bypass via Token Generation

CVE-2023-25017 HIGH

RIFARTEK IOT Wall - Authenticated Incorrect Authorization

CVE-2023-21035 HIGH

Android - Incorrect Authorization in BackupHelper.java

CVE-2023-21034 HIGH

Android 13 - Incorrect Authorization in SensorService

CVE-2023-20975 HIGH

Android 13 - Incorrect Authorization Bypass in EnableContentCapturePreferenceController

CVE-2023-20971 HIGH

Android - Incorrect Authorization in PermissionManagerServiceImpl

CVE-2023-28611 CRITICAL

OMICRON StationGuard <2.20 & StationScout <2.20 - Auth Bypass

CVE-2023-23192 HIGH

IS Decisions UserLock MFA 11.01 - Authentication Bypass via Scheduled Task

CVE-2023-25924 MEDIUM

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 - Authenticated Incorrect Authorization

CVE-2023-25594 MEDIUM

ClearPass Policy Manager 6.9.0-6.9.12 - Authenticated Incorrect Authorization in Web Management Interface

CVE-2023-25923 LOW

IBM Security Guardium Key Lifecycle Manager 3.0-4.1.1 - Unauthenticated File Upload and DoS

CVE-2023-27578 CRITICAL

Galaxy < 22.01 - Improper Access Control in Visualization and Page Management

CVE-2023-0940 HIGH

ProfileGrid < 5.3.1 - Incorrect Authorization via Password Reset AJAX Endpoint

CVE-2023-27594 MEDIUM

Cilium < 1.11.15, 1.12.0-1.12.7, 1.13.0 - Network Policy Bypass via IPv6 NodePort Traffic Misattribution

CVE-2023-26484 HIGH

KubeVirt <0.59.0 - Privilege Escalation

CVE-2023-24880 MEDIUM KEV

Windows SmartScreen - Privilege Escalation

CVE-2023-24999 MEDIUM

HashiCorp Vault < 1.10.11 - Authenticated Incorrect Authorization via AppRole Secret ID Destroy Endpoint

CVE-2023-27903 MEDIUM

Jenkins < 2.375.4, 2.376-2.387.1, < 2.394 - Unauthenticated Sensitive File Exposure via CLI File Parameter Upload

Previous Page 77 of 124 Next

Details

Vulnerabilities 3,098

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy