Vulnerabilities > Missing Authorization
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-17 | CVE-2023-4024 | Missing Authorization vulnerability in Softlabbd Radio Player The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_player function in versions up to, and including, 2.0.73. | 5.3 |
| 2024-08-17 | CVE-2023-4025 | Missing Authorization vulnerability in Softlabbd Radio Player The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_player function in versions up to, and including, 2.0.73. | 5.3 |
| 2024-08-17 | CVE-2023-4027 | Missing Authorization vulnerability in Softlabbd Radio Player The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_settings function in versions up to, and including, 2.0.73. | 5.3 |
| 2024-08-13 | CVE-2024-39591 | Missing Authorization vulnerability in SAP Document Builder SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application. | 5.3 |
| 2024-08-13 | CVE-2024-41734 | Missing Authorization vulnerability in SAP Netweaver Application Server Abap Due to missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform, an authenticated attacker could call an underlying transaction, which leads to disclosure of user related information. | 4.3 |
| 2024-08-13 | CVE-2024-42373 | Missing Authorization vulnerability in SAP Student Life Cycle Management SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. | 5.4 |
| 2024-08-13 | CVE-2024-33005 | Missing Authorization vulnerability in SAP products Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP and Java), and SAP Content Server can impersonate other users and may perform some unintended actions. | 6.3 |
| 2024-08-13 | CVE-2024-41730 | Missing Authorization vulnerability in SAP Business Objects Business Intelligence Platform Enterprise430/Enterprise440 In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint. | 9.8 |
| 2024-08-13 | CVE-2024-42376 | Missing Authorization vulnerability in SAP Shared Service Framework SAP Shared Service Framework does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. | 6.5 |
| 2024-08-13 | CVE-2024-42377 | Missing Authorization vulnerability in SAP Shared Service Framework SAP shared service framework allows an authenticated non-administrative user to call a remote-enabled function, which will allow them to insert value entries into a non-sensitive table, causing low impact on integrity of the application | 4.3 |