Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2017-05-22	CVE-2017-6635	Missing Authorization vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 12.1) could allow an authenticated, remote attacker to delete any file from an affected system. network low complexity cisco CWE-862	6.8
2017-05-18	CVE-2017-6622	Missing Authorization vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges. network low complexity cisco CWE-862 critical	10.0
2017-05-01	CVE-2017-6565	Missing Authorization vulnerability in Franklinfueling Ts-550 EVO Firmware 2.3.0.7332 On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service. network low complexity franklinfueling CWE-862	8.8
2017-05-01	CVE-2017-6564	Missing Authorization vulnerability in Franklinfueling Ts-550 EVO Firmware 2.3.0.7332 On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. network low complexity franklinfueling CWE-862	6.5
2017-04-25	CVE-2017-8217	Missing Authorization vulnerability in Tp-Link C20I Firmware and C2 Firmware TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too permissive iptables rules, e.g., SNMP is not blocked on any interface. network low complexity tp-link CWE-862	5.0
2017-04-10	CVE-2017-7622	Missing Authorization vulnerability in Deepin Desktop Environment dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 through 15.3, runs with root privileges and hardly does anything to identify the user who calls the function through D-Bus. network low complexity deepin CWE-862 critical	9.0
2017-04-07	CVE-2017-0554	Missing Authorization vulnerability in Google Android An elevation of privilege vulnerability in the Telephony component could enable a local malicious application to access capabilities outside of its permission levels. network google CWE-862	6.8
2017-04-07	CVE-2017-6598	Missing Authorization vulnerability in Cisco products A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands, aka Privilege Escalation. local low complexity cisco CWE-862	7.2
2017-03-24	CVE-2017-6369	Missing Authorization vulnerability in Firebirdsql Firebird Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so. network low complexity firebirdsql CWE-862	6.5
2017-03-20	CVE-2017-5930	Missing Authorization vulnerability in multiple products The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check. network opensuse postfixadmin-project CWE-862	3.5

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization