Vulnerabilities > Incorrect Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2025-01-21	CVE-2025-24460	Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in the agent pool network low complexity jetbrains CWE-863	4.3
2025-01-20	CVE-2025-0580	A vulnerability was found in Shiprocket Module 3 on OpenCart. network high complexity CWE-863	5.6
2025-01-17	CVE-2024-57032	Incorrect Authorization vulnerability in Wegia WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. network low complexity wegia CWE-863 critical	9.8
2024-12-27	CVE-2020-9081	Incorrect Authorization vulnerability in Huawei products There is an improper authorization vulnerability in some Huawei smartphones. low complexity huawei CWE-863	6.8
2024-12-20	CVE-2024-56348	Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents network low complexity jetbrains CWE-863	4.3
2024-12-20	CVE-2024-56350	Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects network low complexity jetbrains CWE-863	4.3
2024-12-20	CVE-2024-12831	Incorrect Authorization vulnerability in Arista NG Firewall 17.1.1 Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. local low complexity arista CWE-863	7.8
2024-12-17	CVE-2024-12539	Incorrect Authorization vulnerability in Elastic Elasticsearch 8.16.0/8.16.1 An issue was discovered where improper authorization controls affected certain queries that could allow a malicious actor to circumvent Document Level Security in Elasticsearch and get access to documents that their roles would normally not allow. network low complexity elastic CWE-863	6.5
2024-12-17	CVE-2024-9654	Incorrect Authorization vulnerability in Awesomemotive Easy Digital Downloads The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. network high complexity awesomemotive CWE-863	3.7
2024-12-12	CVE-2024-55633	Incorrect Authorization vulnerability in Apache Superset Improper Authorization vulnerability in Apache Superset. network low complexity apache CWE-863	6.5

Vulnerabilities > Incorrect Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Incorrect Authorization"}]}

Vulnerabilities > Incorrect Authorization