Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-14	CVE-2019-0293	Missing Authorization vulnerability in SAP Solution Manager System 20081700/20081710/20081740 Read of RFC destination does not always perform necessary authorization checks, resulting in escalation of privileges to access information on RFC destinations on managed systems and SAP Solution Manager system (ST-PI, before versions 2008_1_700, 2008_1_710, and 740). network low complexity sap CWE-862	6.5
2019-05-14	CVE-2019-0280	Missing Authorization vulnerability in SAP Treasury and Risk Management SAP Treasury and Risk Management (EA-FINSERV 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18 and 8.0; S4CORE 1.01, 1.02 and 1.03), does not perform necessary authorization checks for authorization objects T_DEAL_DP and T_DEAL_PD , resulting in escalation of privileges. network low complexity sap CWE-862	8.8
2019-04-30	CVE-2019-11611	Missing Authorization vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/download.php. network low complexity doorgets CWE-862	7.5
2019-04-30	CVE-2019-11610	Missing Authorization vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php. network low complexity doorgets CWE-862	7.5
2019-04-30	CVE-2019-11609	Missing Authorization vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/movefile.php. network low complexity doorgets CWE-862	8.2
2019-04-30	CVE-2019-11608	Missing Authorization vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/renamefile.php. network low complexity doorgets CWE-862	8.2
2019-04-30	CVE-2019-11607	Missing Authorization vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copydir.php. network low complexity doorgets CWE-862	7.5
2019-04-30	CVE-2019-11606	Missing Authorization vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copyfile.php. network low complexity doorgets CWE-862	7.5
2019-04-30	CVE-2019-3399	Missing Authorization vulnerability in Atlassian Jira The BrowseProjects.jspa resource in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to see information for archived projects through a missing authorisation check. network low complexity atlassian CWE-862	7.5
2019-04-30	CVE-2019-10312	Missing Authorization vulnerability in Jenkins Ansible Tower A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doFillTowerCredentialsIdItems method allowed attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins. network low complexity jenkins CWE-862	4.3

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization