Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-13	CVE-2023-50767	Missing Authorization vulnerability in Jenkins Nexus Platform 3.18.003 Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML. network low complexity jenkins CWE-862	5.4
2023-12-13	CVE-2023-50769	Missing Authorization vulnerability in Jenkins Nexus Platform 3.18.003 Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. network low complexity jenkins CWE-862	4.3
2023-12-13	CVE-2023-50779	Missing Authorization vulnerability in Jenkins Paaslane Estimate 1.0.4 Missing permission checks in Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified URL using an attacker-specified token. network low complexity jenkins CWE-862	4.3
2023-12-13	CVE-2023-47573	Missing Authorization vulnerability in Relyum Rely-Pcie Firmware and Rely-Rec Firmware An issue discovered in Relyum RELY-PCIe 22.2.1 devices. network low complexity relyum CWE-862	8.8
2023-12-11	CVE-2023-48417	Missing Authorization vulnerability in Google Chromecast Firmware Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application network low complexity google CWE-862 critical	9.8
2023-12-09	CVE-2023-6394	Missing Authorization vulnerability in multiple products A flaw was found in Quarkus. network low complexity quarkus redhat CWE-862 critical	9.1
2023-12-08	CVE-2023-48402	Missing Authorization vulnerability in Google Android In ppcfw_enable of ppcfw.c, there is a possible EoP due to a missing permission check. local low complexity google CWE-862	7.8
2023-12-07	CVE-2023-5710	Missing Authorization vulnerability in Bowo System Dashboard 2.8.7 The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_constants() function hooked via an AJAX action in all versions up to, and including, 2.8.7. network low complexity bowo CWE-862	4.3
2023-12-07	CVE-2023-5711	Missing Authorization vulnerability in Bowo System Dashboard 2.8.7 The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_php_info() function hooked via an AJAX action in all versions up to, and including, 2.8.7. network low complexity bowo CWE-862	4.3
2023-12-07	CVE-2023-5712	Missing Authorization vulnerability in Bowo System Dashboard 2.8.7 The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_global_value() function hooked via an AJAX action in all versions up to, and including, 2.8.7. network low complexity bowo CWE-862	4.3

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization