Vulnerabilities > Missing Authorization

DATE CVE VULNERABILITY TITLE RISK
2022-07-13 CVE-2022-20225 Missing Authorization vulnerability in Google Android
In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check.
local
low complexity
google CWE-862
2.1
2022-07-12 CVE-2022-31592 Missing Authorization vulnerability in SAP Enterprise Extension Defense Forces & Public Security
The application SAP Enterprise Extension Defense Forces & Public Security - versions 605, 606, 616,617,618, 802, 803, 804, 805, 806, does not perform necessary authorization checks for an authenticated user over the network, resulting in escalation of privileges leading to a limited impact on confidentiality.
network
low complexity
sap CWE-862
4.0
2022-07-12 CVE-2022-31597 Missing Authorization vulnerability in SAP S/4Hana and Sapscore
Within SAP S/4HANA - versions S4CORE 101, 102, 103, 104, 105, 106, SAPSCORE 127, the application business partner extension for Spain/Slovakia does not perform necessary authorization checks for a low privileged authenticated user over the network, resulting in escalation of privileges leading to low impact on confidentiality and integrity of the data.
network
low complexity
sap CWE-862
5.5
2022-07-11 CVE-2022-29512 Missing Authorization vulnerability in Cybozu Garoon
Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege.
network
low complexity
cybozu CWE-862
4.0
2022-07-08 CVE-2022-1245 Missing Authorization vulnerability in Redhat Keycloak
A privilege escalation flaw was found in the token exchange feature of keycloak.
network
low complexity
redhat CWE-862
7.5
2022-07-06 CVE-2022-21763 Missing Authorization vulnerability in Google Android 10.0/11.0/12.0
In telecom service, there is a possible information disclosure due to a missing permission check.
local
low complexity
google CWE-862
2.1
2022-07-06 CVE-2022-21764 Missing Authorization vulnerability in Google Android 10.0/11.0/12.0
In telecom service, there is a possible information disclosure due to a missing permission check.
local
low complexity
google CWE-862
2.1
2022-07-06 CVE-2022-21777 Missing Authorization vulnerability in Google Android 11.0/12.0
In Autoboot, there is a possible permission bypass due to a missing permission check.
local
low complexity
google CWE-862
4.6
2022-07-01 CVE-2022-22373 Missing Authorization vulnerability in IBM Infosphere Information Server 11.7
An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead to creation of directories and files on the server file system that may contain non-sensitive debugging information like stack traces.
network
low complexity
ibm CWE-862
5.5
2022-06-30 CVE-2022-34779 Missing Authorization vulnerability in Jenkins Xebialabs XL Release 22.0.0
A missing permission check in Jenkins XebiaLabs XL Release Plugin 22.0.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
network
low complexity
jenkins CWE-862
4.0