Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-24	CVE-2022-1521	Missing Authorization vulnerability in Illumina Local RUN Manager 1.3/2.0/3.1 LRM does not implement authentication or authorization by default. network low complexity illumina CWE-862 critical	9.1
2022-06-23	CVE-2021-26637	Missing Authorization vulnerability in Shinasys products There is no account authentication and permission check logic in the firmware and existing apps of SiHAS's SGW-300, ACM-300, GCM-300, so unauthorized users can remotely control the device. network low complexity shinasys CWE-862 critical	9.8
2022-06-23	CVE-2022-34201	Missing Authorization vulnerability in Jenkins Convertigo Mobile Platform 1.0/1.1 A missing permission check in Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. network low complexity jenkins CWE-862	6.5
2022-06-23	CVE-2022-34204	Missing Authorization vulnerability in Jenkins Easyqa 1.0 A missing permission check in Jenkins EasyQA Plugin 1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server. network low complexity jenkins CWE-862	4.3
2022-06-23	CVE-2022-34206	Missing Authorization vulnerability in Jenkins Jianliao Notification 1.0/1.1 A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL. network low complexity jenkins CWE-862	4.3
2022-06-23	CVE-2022-34208	Missing Authorization vulnerability in Jenkins Beaker Builder A missing permission check in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. network low complexity jenkins CWE-862	4.3
2022-06-23	CVE-2022-34210	Missing Authorization vulnerability in Jenkins Threadfix A missing permission check in Jenkins ThreadFix Plugin 1.5.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. network low complexity jenkins CWE-862	6.5
2022-06-23	CVE-2022-34212	Missing Authorization vulnerability in Jenkins Vrealize Orchestrator A missing permission check in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request to an attacker-specified URL. network low complexity jenkins CWE-862	5.7
2022-06-21	CVE-2022-31095	Missing Authorization vulnerability in Discourse Discourse-Chat 0.3 discourse-chat is a chat plugin for the Discourse application. network low complexity discourse CWE-862	6.5
2022-06-20	CVE-2022-33913	Missing Authorization vulnerability in Mahara In Mahara 21.04 before 21.04.6, 21.10 before 21.10.4, and 22.04.2, files can sometimes be downloaded through thumb.php with no permission check. network low complexity mahara CWE-862	7.5

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization