Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-22	CVE-2022-41937	Missing Authorization vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. network low complexity xwiki CWE-862	8.1
2022-11-18	CVE-2022-43482	Missing Authorization vulnerability in Codepeople Appointment Booking Calendar Missing Authorization vulnerability in Appointment Booking Calendar plugin <= 1.3.69 on WordPress. network low complexity codepeople CWE-862	8.8
2022-11-18	CVE-2022-41692	Missing Authorization vulnerability in Dwbooster Appointment Hour Booking Missing Authorization vulnerability in Appointment Hour Booking plugin <= 1.3.71 on WordPress. network low complexity dwbooster CWE-862	8.8
2022-11-17	CVE-2022-42903	Missing Authorization vulnerability in Zohocorp Manageengine Supportcenter Plus 11.0 Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the organization users list. local low complexity zohocorp CWE-862	3.3
2022-11-16	CVE-2022-3920	Missing Authorization vulnerability in Hashicorp Consul 1.13.0/1.13.1/1.13.2 HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster filtering's imported nodes and services for HTTP or RPC endpoints used by the UI. network low complexity hashicorp CWE-862	7.5
2022-11-15	CVE-2022-20941	Missing Authorization vulnerability in Cisco Firepower Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to missing authorization for certain resources in the web-based management interface together with insufficient entropy in these resource names. network low complexity cisco CWE-862	5.3
2022-11-15	CVE-2022-45385	Missing Authorization vulnerability in Jenkins Cloudbees Docker Hub/Registry Notification 2.6.2 A missing permission check in Jenkins CloudBees Docker Hub/Registry Notification Plugin 2.6.2 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository. network low complexity jenkins CWE-862	7.5
2022-11-15	CVE-2022-45389	Missing Authorization vulnerability in Jenkins Xp-Dev 1.0 A missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to an attacker-specified repository. network low complexity jenkins CWE-862	5.3
2022-11-15	CVE-2022-45390	Missing Authorization vulnerability in Jenkins Loader.Io 1.0.1 A missing permission check in Jenkins loader.io Plugin 1.0.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. network low complexity jenkins CWE-862	4.3
2022-11-15	CVE-2022-45394	Missing Authorization vulnerability in Jenkins Delete LOG 1.0 A missing permission check in Jenkins Delete log Plugin 1.0 and earlier allows attackers with Item/Read permission to delete build logs. network low complexity jenkins CWE-862	4.3

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization