Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-06	CVE-2019-18674	Missing Authorization vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.13. network low complexity joomla CWE-862	5.0
2019-10-31	CVE-2019-5095	Missing Authorization vulnerability in Tempo 4.10.0 An issue summary information disclosure vulnerability exists in Atlassian Jira Tempo plugin, version 4.10.0. network low complexity tempo CWE-862	4.0
2019-10-23	CVE-2019-18383	Missing Authorization vulnerability in Terra-Master Fs-210 Firmware 4.0.19 An issue was discovered on TerraMaster FS-210 4.0.19 devices. network low complexity terra-master CWE-862	5.0
2019-10-17	CVE-2019-15850	Missing Authorization vulnerability in Eq-3 Homematic Ccu3 Firmware 3.41.11 eQ-3 HomeMatic CCU3 firmware version 3.41.11 allows Remote Code Execution in the ReGa.runScript method. network low complexity eq-3 CWE-862 critical	9.0
2019-10-16	CVE-2019-10457	Missing Authorization vulnerability in Jenkins Oracle Cloud Infrastructure Compute Classic 1.0.0 A missing permission check in Jenkins Oracle Cloud Infrastructure Compute Classic Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. network low complexity jenkins CWE-862	4.3
2019-10-16	CVE-2019-10455	Missing Authorization vulnerability in Jenkins Rundeck A missing permission check in Jenkins Rundeck Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. network low complexity jenkins CWE-862	4.3
2019-10-16	CVE-2019-10445	Missing Authorization vulnerability in Jenkins Google Kubernetes Engine A missing permission check in Jenkins Google Kubernetes Engine Plugin 0.7.0 and earlier allowed attackers with Overall/Read permission to obtain limited information about the scope of a credential with an attacker-specified credentials ID. network low complexity jenkins CWE-862	4.3
2019-10-16	CVE-2019-10442	Missing Authorization vulnerability in Jenkins Icescrum A missing permission check in Jenkins iceScrum Plugin 1.1.5 and earlier allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. network low complexity jenkins CWE-862	4.3
2019-10-16	CVE-2019-10439	Missing Authorization vulnerability in Jenkins CRX Content Package Deployer A missing permission check in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier in various 'doFillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. network low complexity jenkins CWE-862	4.3
2019-10-16	CVE-2019-10438	Missing Authorization vulnerability in Jenkins CRX Content Package Deployer A missing permission check in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. network low complexity jenkins CWE-862	6.5

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization