Vulnerabilities > Missing Authorization

DATE CVE VULNERABILITY TITLE RISK
2022-01-14 CVE-2021-39622 Missing Authorization vulnerability in Google Android 10.0/11.0/12.0
In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission check.
local
low complexity
google CWE-862
7.2
2022-01-13 CVE-2022-0178 Missing Authorization vulnerability in Snipeitapp Snipe-It
Missing Authorization vulnerability in snipe snipe/snipe-it. This issue affects snipe/snipe-it before 5.3.8.
network
low complexity
snipeitapp CWE-862
5.4
2022-01-13 CVE-2021-40327 Missing Authorization vulnerability in Trustedfirmware Trusted Firmware-M 1.4.0
Trusted Firmware-M (TF-M) 1.4.0, when Profile Small is used, has incorrect access control.
network
high complexity
trustedfirmware CWE-862
2.6
2022-01-12 CVE-2022-20614 Missing Authorization vulnerability in multiple products
A missing permission check in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.
network
low complexity
jenkins oracle CWE-862
4.3
2022-01-12 CVE-2022-20616 Missing Authorization vulnerability in Jenkins Credentials Binding
Jenkins Credentials Binding Plugin 1.27 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read access to validate if a credential ID refers to a secret file credential and whether it's a zip file.
network
low complexity
jenkins CWE-862
4.3
2022-01-12 CVE-2022-20618 Missing Authorization vulnerability in Jenkins Bitbucket Branch Source
A missing permission check in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins.
network
low complexity
jenkins CWE-862
4.3
2022-01-12 CVE-2022-20620 Missing Authorization vulnerability in Jenkins SSH Agent
Missing permission checks in Jenkins SSH Agent Plugin 1.23 and earlier allow attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins.
network
low complexity
jenkins CWE-862
4.3
2022-01-12 CVE-2022-23112 Missing Authorization vulnerability in Jenkins Publish Over SSH
A missing permission check in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers with Overall/Read access to connect to an attacker-specified SSH server using attacker-specified credentials.
network
low complexity
jenkins CWE-862
6.5
2022-01-12 CVE-2022-0179 Missing Authorization vulnerability in Snipeitapp Snipe-It
snipe-it is vulnerable to Missing Authorization
network
low complexity
snipeitapp CWE-862
5.4
2022-01-10 CVE-2021-25032 Missing Authorization vulnerability in Publishpress Capabilities
The PublishPress Capabilities WordPress plugin before 2.3.1 and the PublishPress Capabilities Pro WordPress plugin before 2.3.1 do not have authorisation and CSRF checks when updating the plugin's settings via the init hook, and do not ensure that the options to be updated belong to the plugin.
network
low complexity
publishpress CWE-862
critical
9.8