Vulnerabilities > Incorrect Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-06	CVE-2022-46080	Incorrect Authorization vulnerability in Nexxtsolutions Nebula1200-Ac Firmware 15.03.06.60 Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTTPD service to enable TELNET. network low complexity nexxtsolutions CWE-863 critical	9.8
2023-07-06	CVE-2023-29656	Incorrect Authorization vulnerability in Darktrace Threat Visualizer 6.0.0 An improper authorization vulnerability in Darktrace mobile app (Android) prior to version 6.0.15 allows disabled and low-privilege users to control "antigena" actions(block/unblock traffic) from the mobile application. local low complexity darktrace CWE-863	6.1
2023-07-05	CVE-2021-46891	Incorrect Authorization vulnerability in Huawei Emui and Harmonyos Vulnerability of incomplete read and write permission verification in the GPU module. network low complexity huawei CWE-863 critical	9.8
2023-07-05	CVE-2021-46890	Incorrect Authorization vulnerability in Huawei Emui and Harmonyos Vulnerability of incomplete read and write permission verification in the GPU module. network low complexity huawei CWE-863 critical	9.8
2023-07-03	CVE-2023-26258	Incorrect Authorization vulnerability in Arcserve UDP Arcserve UDP through 9.0.6034 allows authentication bypass. network low complexity arcserve CWE-863 critical	9.8
2023-06-29	CVE-2023-30955	Incorrect Authorization vulnerability in Palantir Foundry Workspace-Server A security defect was identified in Foundry workspace-server that enabled a user to bypass an authorization check and view settings related to 'Developer Mode'. network low complexity palantir CWE-863	5.4
2023-06-29	CVE-2023-33190	Incorrect Authorization vulnerability in Sealos Project Sealos Sealos is an open source cloud operating system distribution based on the Kubernetes kernel. network low complexity sealos-project CWE-863 critical	9.8
2023-06-28	CVE-2023-21225	Incorrect Authorization vulnerability in Google Android there is a possible way to bypass the protected confirmation screen due to Failure to lock display power. local low complexity google CWE-863	7.8
2023-06-22	CVE-2023-3114	Incorrect Authorization vulnerability in Hashicorp Terraform Enterprise Terraform Enterprise since v202207-1 did not properly implement authorization rules for agent pools, allowing the workspace to be targeted by unauthorized agents. network low complexity hashicorp CWE-863	7.7
2023-06-22	CVE-2023-34923	Incorrect Authorization vulnerability in Topdesk 12.10.12 XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk user via SAML Response manipulation. network low complexity topdesk CWE-863	8.1

Vulnerabilities > Incorrect Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Incorrect Authorization"}]}

Vulnerabilities > Incorrect Authorization