Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-17	CVE-2020-0289	Missing Authorization vulnerability in Google Android 11.0 In PackageManager, there is a missing permission check. local low complexity google CWE-862	2.1
2020-09-17	CVE-2020-0277	Missing Authorization vulnerability in Google Android 11.0 In NetworkPolicyManagerService, there is a possible permissions bypass due to a missing permission check. local low complexity google CWE-862	4.6
2020-09-17	CVE-2020-0266	Missing Authorization vulnerability in Google Android 11.0 In factory reset protection, there is a possible FRP bypass due to a missing permission check. local low complexity google CWE-862	7.2
2020-09-17	CVE-2020-0401	Missing Authorization vulnerability in Google Android In setInstallerPackageName of PackageManagerService.java, there is a missing permission check. local low complexity google CWE-862	7.2
2020-09-16	CVE-2020-14306	Missing Authorization vulnerability in Istio-Operator Project Istio-Operator An incorrect access control flaw was found in the operator, openshift-service-mesh/istio-rhel8-operator all versions through 1.1.3. network low complexity istio-operator-project CWE-862	8.8
2020-09-16	CVE-2020-2272	Missing Authorization vulnerability in Jenkins Elastest A missing permission check in Jenkins ElasTest Plugin 1.2.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. network low complexity jenkins CWE-862	4.3
2020-09-16	CVE-2020-2267	Missing Authorization vulnerability in Jenkins Mongodb A missing permission check in Jenkins MongoDB Plugin 1.3 and earlier allows attackers with Overall/Read permission to gain access to some metadata of any arbitrary files on the Jenkins controller. network low complexity jenkins CWE-862	4.3
2020-09-16	CVE-2020-2260	Missing Authorization vulnerability in Jenkins Perfecto A missing permission check in Jenkins Perfecto Plugin 1.17 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified credentials. network low complexity jenkins CWE-862	4.3
2020-09-16	CVE-2020-2255	Missing Authorization vulnerability in Jenkins Blue Ocean A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. network low complexity jenkins CWE-862	4.3
2020-09-14	CVE-2020-13316	Missing Authorization vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. network low complexity gitlab CWE-862	4.0

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization