Vulnerabilities > Incorrect Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-16 | CVE-2020-7499 | Incorrect Authorization vulnerability in Schneider-Electric products A CWE-863: Incorrect Authorization vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause unauthorized access when a low privileged user makes unauthorized changes. | 6.5 |
| 2020-06-10 | CVE-2020-0115 | Incorrect Authorization vulnerability in Google Android In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. | 7.8 |
| 2020-06-08 | CVE-2020-13696 | Incorrect Authorization vulnerability in multiple products An issue was discovered in LinuxTV xawtv before 3.107. | 4.4 |
| 2020-06-04 | CVE-2020-13834 | Incorrect Authorization vulnerability in Google Android An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (with TEEGRIS) software. | 7.5 |
| 2020-06-03 | CVE-2020-3335 | Incorrect Authorization vulnerability in Cisco products A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local attacker to read sensitive information of other users on an affected device. | 5.5 |
| 2020-06-03 | CVE-2020-3231 | Incorrect Authorization vulnerability in Cisco IOS A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before being authenticated on the port. | 4.7 |
| 2020-06-03 | CVE-2020-3229 | Incorrect Authorization vulnerability in Cisco IOS XE A vulnerability in Role Based Access Control (RBAC) functionality of Cisco IOS XE Web Management Software could allow a Read-Only authenticated, remote attacker to execute commands or configuration changes as an Admin user. | 8.8 |
| 2020-06-03 | CVE-2020-3227 | Incorrect Authorization vulnerability in Cisco IOS XE A vulnerability in the authorization controls for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an unauthenticated, remote attacker to execute Cisco IOx API commands without proper authorization. | 9.8 |
| 2020-06-03 | CVE-2020-4026 | Incorrect Authorization vulnerability in Atlassian Navigator Links 4.0.0/5.0.0/5.1.0 The CustomAppsRestResource list resource in Atlassian Navigator Links before version 3.3.23, from version 4.0.0 before version 4.3.7, from version 5.0.0 before 5.0.1, and from version 5.1.0 before 5.1.1 allows remote attackers to enumerate all linked applications, including those that are restricted or otherwise hidden, through an incorrect authorization check. | 4.3 |
| 2020-05-29 | CVE-2020-11844 | Incorrect Authorization vulnerability in Microfocus Service Management Automation Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Management. | 9.8 |