Vulnerabilities > Incorrect Authorization

DATE CVE VULNERABILITY TITLE RISK
2023-08-24 CVE-2023-4227 Incorrect Authorization vulnerability in Moxa Iologik E4200 Firmware 1.6
A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to the product.
network | low complexity | moxa CWE-863 | 6.5
2023-08-23 CVE-2023-3899 Incorrect Authorization vulnerability in multiple products
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization.
local | low complexity | redhat fedoraproject CWE-863 | 7.8
2023-08-22 CVE-2022-48538 Incorrect Authorization vulnerability in Cacti 1.2.19
In Cacti 1.2.19, there is an authentication bypass in the web login functionality because of improper validation in the PHP code: cacti_ldap_auth() allows a zero as the password.
network | low complexity | cacti CWE-863 | 5.3
2023-08-21 CVE-2023-38035 Incorrect Authorization vulnerability in Ivanti Mobileiron Sentry 9.18.0
A security vulnerability in the MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.
network | low complexity | ivanti CWE-863 | critical | 9.8
2023-08-17 CVE-2023-25647 Incorrect Authorization vulnerability in ZTE products
There is a permission and access control vulnerability in some ZTE mobile phones.
local | low complexity | zte CWE-863 | 3.3
2023-08-14 CVE-2023-32748 Incorrect Authorization vulnerability in Mitel Mivoice Connect
The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.
network | low complexity | mitel CWE-863 | critical | 9.8
2023-08-13 CVE-2023-39384 Incorrect Authorization vulnerability in Huawei Emui and Harmonyos
Vulnerability of incomplete permission verification in the input method module.
network | low complexity | huawei CWE-863 | 7.5
2023-08-11 CVE-2023-4107 Incorrect Authorization vulnerability in Mattermost
Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name.
network | low complexity | mattermost CWE-863 | 6.5
2023-08-10 CVE-2023-30705 Incorrect Authorization vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6 allows local attackers to access privileged content providers as Galaxy Store permission.
local | low complexity | samsung CWE-863 | 5.5
2023-08-09 CVE-2023-33468 Incorrect Authorization vulnerability in Kramerav VIA Connect2 Firmware and VIA GO2 Firmware
KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device.
network | low complexity | kramerav CWE-863 | critical | 9.1