Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-26 | CVE-2017-9036 | Missing Authorization vulnerability in Trendmicro Serverprotect 3.0 Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local users to gain privileges by leveraging an unrestricted quarantine directory. | 7.8 |
| 2017-05-22 | CVE-2017-6635 | Missing Authorization vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 12.1) could allow an authenticated, remote attacker to delete any file from an affected system. | 6.5 |
| 2017-05-18 | CVE-2017-6622 | Missing Authorization vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges. | 9.8 |
| 2017-05-01 | CVE-2017-6565 | Missing Authorization vulnerability in Franklinfueling Ts-550 EVO Firmware 2.3.0.7332 On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service. | 8.8 |
| 2017-05-01 | CVE-2017-6564 | Missing Authorization vulnerability in Franklinfueling Ts-550 EVO Firmware 2.3.0.7332 On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. | 6.5 |
| 2017-04-25 | CVE-2017-8217 | Missing Authorization vulnerability in Tp-Link C20I Firmware and C2 Firmware TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too permissive iptables rules, e.g., SNMP is not blocked on any interface. | 5.3 |
| 2017-04-10 | CVE-2017-7622 | Missing Authorization vulnerability in Deepin Desktop Environment dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 through 15.3, runs with root privileges and hardly does anything to identify the user who calls the function through D-Bus. | 8.8 |
| 2017-04-07 | CVE-2017-0554 | Missing Authorization vulnerability in Google Android An elevation of privilege vulnerability in the Telephony component could enable a local malicious application to access capabilities outside of its permission levels. | 7.8 |
| 2017-04-07 | CVE-2017-6598 | Missing Authorization vulnerability in Cisco products A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands, aka Privilege Escalation. | 6.7 |
| 2017-03-24 | CVE-2017-6369 | Missing Authorization vulnerability in Firebirdsql Firebird Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so. | 8.8 |