Vulnerabilities > Improper Access Control

DATE CVE VULNERABILITY TITLE RISK
2019-05-22 CVE-2017-6912 Improper Access Control vulnerability in Open-Xchange Appsuite
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
network
low complexity
open-xchange CWE-284
8.8
2019-05-22 CVE-2017-5863 Improper Access Control vulnerability in Open-Xchange Appsuite
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
network
low complexity
open-xchange CWE-284
critical
9.8
2019-04-22 CVE-2016-1587 Improper Access Control vulnerability in Snapweb
The Snapweb interface before version 0.21.2 was exposing controls to install or remove snap packages without controlling the identity of the user, nor the origin of the connection.
network
low complexity
snapweb CWE-284
7.5
2019-03-26 CVE-2010-5305 Improper Access Control vulnerability in Rockwellautomation products
The potential exists for exposure of the product's password used to restrict unauthorized access to Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers.
network
low complexity
rockwellautomation CWE-284
critical
9.8
2019-02-15 CVE-2013-5654 Improper Access Control vulnerability in Yingzhipython Project Yingzhipython 1.9
Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage
network
low complexity
yingzhipython-project CWE-284
critical
9.1
2019-01-24 CVE-2019-1647 Improper Access Control vulnerability in Cisco Sd-Wan and Vsmart Controller
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent attacker to bypass authentication and have direct unauthorized access to other vSmart containers.
low complexity
cisco CWE-284
8.0
2018-11-16 CVE-2018-7362 Improper Access Control vulnerability in ZTE Zxhn F670 Firmware
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper access control vulnerability, which may allows an unauthorized user to perform unauthorized operations on the router.
network
low complexity
zte CWE-284
8.8
2018-10-30 CVE-2018-17931 Improper Access Control vulnerability in Vecna VGO Firmware 3.0.3.52164/3.0.3.53662
If an attacker has physical access to the VGo Robot (Versions 3.0.3.52164 and 3.0.3.53662.
low complexity
vecna CWE-284
6.8
2018-10-29 CVE-2018-17908 Improper Access Control vulnerability in Advantech Webaccess
WebAccess Versions 8.3.2 and prior.
local
low complexity
advantech CWE-284
7.8
2018-08-20 CVE-2016-7048 Improper Access Control vulnerability in Postgresql
The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote attackers to execute arbitrary code by leveraging use of HTTP to download software.
network
high complexity
postgresql CWE-284
8.1