Vulnerabilities > Incorrect Authorization

DATE CVE VULNERABILITY TITLE RISK
2021-06-11 CVE-2021-25418 Incorrect Authorization vulnerability in Samsung Internet 13.2.1.46/13.2.1.70/14.0.1.20
Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity under specific conditions.
4.4
2021-06-10 CVE-2021-21664 Incorrect Authorization vulnerability in Jenkins XebiaLabs XL Deploy
An incorrect permission check in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers with Generic Create permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing Username/password credentials stored in Jenkins.
network
low complexity
jenkins CWE-863
6.5
2021-06-07 CVE-2021-30533 Incorrect Authorization vulnerability in multiple products
Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted iframe.
network
low complexity
google fedoraproject CWE-863
6.5
2021-06-07 CVE-2021-30534 Incorrect Authorization vulnerability in multiple products
Insufficient policy enforcement in iFrameSandbox in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google fedoraproject CWE-863
6.5
2021-06-07 CVE-2021-30537 Incorrect Authorization vulnerability in multiple products
Insufficient policy enforcement in cookies in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass cookie policy via a crafted HTML page.
network
low complexity
google fedoraproject CWE-863
4.3
2021-06-07 CVE-2021-30538 Incorrect Authorization vulnerability in multiple products
Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
network
low complexity
google fedoraproject CWE-863
4.3
2021-06-07 CVE-2021-30539 Incorrect Authorization vulnerability in multiple products
Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
network
low complexity
google fedoraproject CWE-863
5.4
2021-06-06 CVE-2021-33881 Incorrect Authorization vulnerability in NXP products
On NXP MIFARE Ultralight and NTAG cards, an attacker can interrupt a write operation (aka conduct a "tear off" attack) over RFID to bypass a Monotonic Counter protection mechanism.
local
nxp CWE-863
1.9
2021-06-04 CVE-2021-1539 Incorrect Authorization vulnerability in Cisco StarOS
Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device.
network
low complexity
cisco CWE-863
8.8
2021-06-04 CVE-2021-1540 Incorrect Authorization vulnerability in Cisco StarOS
Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device.
network
low complexity
cisco CWE-863
7.2