Vulnerabilities > Improper Access Control

DATE CVE VULNERABILITY TITLE RISK
2019-06-07 CVE-2018-10691 Improper Access Control vulnerability in Moxa Awk-3121 Firmware 1.14
An issue was discovered on Moxa AWK-3121 1.14 devices.
network
low complexity
moxa CWE-284
7.5
2019-06-07 CVE-2018-5264 Improper Access Control vulnerability in UI Unifi Firmware
Ubiquiti UniFi 52 devices, when Hotspot mode is used, allow remote attackers to bypass intended restrictions on "free time" Wi-Fi usage by sending a /guest/s/default/ request to obtain a cookie, and then using this cookie in a /guest/s/default/login request with the byfree parameter.
network
high complexity
ui CWE-284
5.9
2019-05-24 CVE-2018-13895 Improper Access Control vulnerability in Qualcomm products
Due to the missing permissions on several content providers of the RCS app in its android manifest file will lead to an unprivileged access to phone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20
local
low complexity
qualcomm CWE-284
7.8
2019-05-23 CVE-2017-11365 Improper Access Control vulnerability in Sensiolabs Symfony
Certain Symfony products are affected by: Incorrect Access Control.
network
low complexity
sensiolabs CWE-284
critical
9.8
2019-05-23 CVE-2017-5212 Improper Access Control vulnerability in Open-Xchange Appsuite 7.8.3
Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control.
network
low complexity
open-xchange CWE-284
critical
9.8
2019-05-22 CVE-2017-8340 Improper Access Control vulnerability in Open-Xchange Appsuite
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
network
low complexity
open-xchange CWE-284
8.8
2019-05-22 CVE-2017-6912 Improper Access Control vulnerability in Open-Xchange Appsuite
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
network
low complexity
open-xchange CWE-284
8.8
2019-05-22 CVE-2017-5863 Improper Access Control vulnerability in Open-Xchange Appsuite
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
network
low complexity
open-xchange CWE-284
critical
9.8
2019-04-22 CVE-2016-1587 Improper Access Control vulnerability in Snapweb
The Snapweb interface before version 0.21.2 was exposing controls to install or remove snap packages without controlling the identity of the user, nor the origin of the connection.
network
low complexity
snapweb CWE-284
7.5
2019-03-26 CVE-2010-5305 Improper Access Control vulnerability in Rockwellautomation products
The potential exists for exposure of the product's password used to restrict unauthorized access to Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers.
network
low complexity
rockwellautomation CWE-284
critical
9.8