Vulnerabilities > Improper Access Control

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-31	CVE-2015-4624	Improper Access Control vulnerability in Hak5 Wi-Fi Pineapple Firmware Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens. high complexity hak5 CWE-284	7.5
2017-03-28	CVE-2016-6807	Improper Access Control vulnerability in Apache Ambari 2.4.0/2.4.1 Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. network low complexity apache CWE-284 critical	9.8
2017-03-28	CVE-2016-9468	Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the dav app. network low complexity owncloud nextcloud CWE-284	5.3
2017-03-28	CVE-2016-9467	Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. network low complexity owncloud nextcloud CWE-284	5.3
2017-03-28	CVE-2016-9462	Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying restore privileges when restoring a file. network low complexity owncloud nextcloud CWE-284	4.3
2017-03-28	CVE-2016-9461	Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. network low complexity owncloud nextcloud CWE-284	4.3
2017-03-28	CVE-2016-9460	Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a content-spoofing attack in the files app. network low complexity nextcloud owncloud CWE-284	5.3
2017-03-28	CVE-2016-9122	Improper Access Control vulnerability in Go-Jose Project Go-Jose go-jose before 1.0.4 suffers from multiple signatures exploitation. network low complexity go-jose-project CWE-284	7.5
2017-03-24	CVE-2016-10144	Improper Access Control vulnerability in Imagemagick coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check. network low complexity imagemagick CWE-284 critical	9.8
2017-03-24	CVE-2016-10130	Improper Access Control vulnerability in Libgit2 Project Libgit2 0.25.0 The http_connect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable. network high complexity libgit2-project CWE-284	5.9

Vulnerabilities > Improper Access Control {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Improper Access Control"}]}

Vulnerabilities > Improper Access Control