Vulnerabilities > Incorrect Authorization
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-05-06 | CVE-2020-7921 | Incorrect Authorization vulnerability in Mongodb Improper serialization of internal state in the authorization subsystem in MongoDB Server's authorization subsystem permits a user with valid credentials to bypass IP whitelisting protection mechanisms following administrative action. | 5.3 |
2020-05-06 | CVE-2020-4446 | Incorrect Authorization vulnerability in IBM products IBM Business Process Manager 8.0, 8.5, and 8.6 and IBM Business Automation Workflow 18.0 and 19.0 could allow a remote attacker to bypass security restrictions, caused by the failure to perform insufficient authorization checks. | 4.0 |
2020-05-06 | CVE-2020-2188 | Incorrect Authorization vulnerability in Jenkins Amazon EC2 A missing permission check in Jenkins Amazon EC2 Plugin 1.50.1 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. | 4.3 |
2020-05-04 | CVE-2020-5343 | Incorrect Authorization vulnerability in Dell OS Recovery Image FOR Microsoft Windows 10 Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. | 7.2 |
2020-05-04 | CVE-2020-5333 | Incorrect Authorization vulnerability in RSA Archer RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an authorization bypass vulnerability in the REST API. | 4.0 |
2020-04-27 | CVE-2020-1807 | Incorrect Authorization vulnerability in Huawei Mate 20 Firmware HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E74R3P8) have an improper authorization vulnerability. | 3.6 |
2020-04-21 | CVE-2020-11891 | Incorrect Authorization vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.17. | 5.0 |
2020-04-21 | CVE-2020-11889 | Incorrect Authorization vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.17. | 5.0 |
2020-04-20 | CVE-2020-11753 | Incorrect Authorization vulnerability in Sonatype Nexus Repository Manager 3 3.21.1/3.22.0 An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. | 8.8 |
2020-04-20 | CVE-2020-5293 | Incorrect Authorization vulnerability in Prestashop In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there are improper access controls on product page with combinations, attachments and specific prices. | 6.4 |