Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-05	CVE-2020-26506	Missing Authorization vulnerability in Marmind 4.1.141.0 An Authorization Bypass vulnerability in the Marmind web application with version 4.1.141.0 allows users with lower privileges to gain control to files uploaded by administrative users. network low complexity marmind CWE-862	4.0
2020-11-04	CVE-2020-2302	Missing Authorization vulnerability in Jenkins Active Directory A missing permission check in Jenkins Active Directory Plugin 2.19 and earlier allows attackers with Overall/Read permission to access the domain health check diagnostic page. network low complexity jenkins CWE-862	4.3
2020-11-02	CVE-2020-28036	Missing Authorization vulnerability in multiple products wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post. network low complexity wordpress fedoraproject debian CWE-862 critical	9.8
2020-10-28	CVE-2020-16260	Missing Authorization vulnerability in Winstonprivacy Winston Firmware 1.5.4 Winston 1.5.4 devices do not enforce authorization. network low complexity winstonprivacy CWE-862	5.0
2020-10-27	CVE-2020-9982	Missing Authorization vulnerability in Apple Music 3.4.0 This issue was addressed with improved checks to prevent unauthorized actions. network apple CWE-862	4.3
2020-10-27	CVE-2019-8857	Missing Authorization vulnerability in Apple Ipados and Iphone OS The issue was addressed with improved validation when an iCloud Link is created. local low complexity apple CWE-862	2.1
2020-10-27	CVE-2019-8856	Missing Authorization vulnerability in Apple products An API issue existed in the handling of outgoing phone calls initiated with Siri. network apple CWE-862	4.3
2020-10-27	CVE-2019-8855	Missing Authorization vulnerability in Apple mac OS X An access issue was addressed with additional sandbox restrictions. network apple CWE-862	4.3
2020-10-26	CVE-2020-26878	Missing Authorization vulnerability in Commscope Ruckus Vriot 1.5.1.0.21 Ruckus through 1.5.1.0.21 is affected by remote command injection. network low complexity commscope CWE-862 critical	9.0
2020-10-26	CVE-2020-7124	Missing Authorization vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote unauthorized access vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. network low complexity arubanetworks CWE-862	7.5

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization