Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-23	CVE-2019-1010149	Missing Authorization vulnerability in Zzcms zzcms version 8.3 and earlier is affected by: File Delete to Code Execution. network low complexity zzcms CWE-862 critical	9.8
2019-07-18	CVE-2019-1010246	Missing Authorization vulnerability in Mailcleaner MailCleaner before c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9 is affected by: Unauthenticated MySQL database password information disclosure. network low complexity mailcleaner CWE-862	7.5
2019-07-18	CVE-2019-1010066	Missing Authorization vulnerability in Llnl Model Specific Registers-Safe 1.1.0 Lawrence Livermore National Laboratory msr-safe v1.1.0 is affected by: Incorrect Access Control. network low complexity llnl CWE-862	7.5
2019-07-17	CVE-2019-10354	Missing Authorization vulnerability in multiple products A vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier allowed attackers to access view fragments directly, bypassing permission checks and possibly obtain sensitive information. network low complexity jenkins redhat CWE-862	4.3
2019-07-15	CVE-2019-1010304	Missing Authorization vulnerability in Mirumee Saleor Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. network low complexity mirumee CWE-862	5.3
2019-07-11	CVE-2019-10342	Missing Authorization vulnerability in Jenkins Docker A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in various 'fillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. network low complexity jenkins CWE-862	4.3
2019-07-11	CVE-2019-10341	Missing Authorization vulnerability in Jenkins Docker A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. network low complexity jenkins CWE-862	6.5
2019-07-10	CVE-2019-0325	Missing Authorization vulnerability in SAP ERP HCM 3.0 SAP ERP HCM (SAP_HRCES) , version 3, does not perform necessary authorization checks for a report that reads payroll data of employees in a certain area. network high complexity sap CWE-862	4.2
2019-07-10	CVE-2019-12470	Missing Authorization vulnerability in multiple products Wikimedia MediaWiki through 1.32.1 has Incorrect Access Control. network low complexity mediawiki debian CWE-862	6.5
2019-07-10	CVE-2019-12469	Missing Authorization vulnerability in multiple products MediaWiki through 1.32.1 has Incorrect Access Control. network low complexity mediawiki debian CWE-862	6.5

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization