VYPR

CWE-863

Incorrect Authorization

Abstraction: Class; Status: Incomplete; Likelihood: High

Description

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Hierarchy (View 1000)

CVEs mapped to this weakness (1,530)

page 74 of 77
  • CVE-2020-26223 (Nov 13, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status endpoint with an empty…

  • CVE-2020-24401 (Nov 9, 2020)
    risk 0.00; cvss: n/a; epss 0.02

    Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect authorization vulnerability. A user can still access resources provisioned under their old role after an administrator removes the role or disables the user's account.

  • CVE-2020-13957 (Oct 13, 2020)
    risk 0.00; cvss: n/a; epss 0.79

    Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevent some features considered dangerous (which could be used for remote code execution) from being configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to…

  • CVE-2020-15251 (Oct 13, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected.…

  • CVE-2020-2286 (Oct 8, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    Jenkins Role-based Authorization Strategy Plugin 3.0 and earlier does not properly invalidate a permission cache when the configuration is changed, resulting in permissions being granted based on an outdated configuration.

  • CVE-2020-25781 (Sep 30, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    An issue was discovered in file_download.php in MantisBT before 2.24.3. Users without access to view private issue notes are able to download the (supposedly private) attachments linked to these notes by accessing the corresponding file download URL directly.

  • CVE-2020-1748 (Sep 16, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    A flaw was found in all supported versions before wildfly-elytron-1.6.8.Final-redhat-00001, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by…

  • CVE-2020-2258 (Sep 16, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    Jenkins Health Advisor by CloudBees Plugin 3.2.0 and earlier does not correctly perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view that HTTP endpoint.

  • CVE-2020-15163 (Sep 9, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    The Python TUF (The Update Framework) reference implementation before version 0.12 will incorrectly trust a previously downloaded root metadata file which failed verification at download time. This allows an attacker who is able to serve multiple new versions of root metadata…

  • CVE-2020-24941 (Sep 4, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    An issue was discovered in Laravel before 6.18.35 and 7.x before 7.24.0. The $guarded property is mishandled in some situations involving requests with JSON column nesting expressions.

  • CVE-2020-25025 (Sep 2, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    The l10nmgr (aka Localization Manager) extension before 7.4.0, 8.x before 8.7.0, and 9.x before 9.2.0 for TYPO3 allows Information Disclosure (translatable fields).

  • CVE-2020-25026 (Sep 2, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    The sf_event_mgt (aka Event management and registration) extension before 4.3.1 and 5.x before 5.1.1 for TYPO3 allows Information Disclosure (participant data, and event data via email) because of Broken Access Control.

  • CVE-2020-2233 (Aug 12, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    A missing permission check in Jenkins Pipeline Maven Integration Plugin 3.8.2 and earlier allows users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.

  • CVE-2020-9692 (Jul 29, 2020)
    risk 0.00; cvss: n/a; epss 0.04

    Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2020-15120 (Jul 27, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    In "I hate money" before version 4.1.5, an authenticated member of one project can modify and delete members of another project, without knowledge of this other project's private code. This can be further exploited to access all bills of another project without knowledge of this…

  • CVE-2020-15126 (Jul 22, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    In parse-server from version 3.5.0 and before 4.3.0, an authenticated user using the viewer GraphQL query can bypass all read security on his User object and can also bypass all objects linked via relation or Pointer on his User object.

  • CVE-2020-6506 (Jul 22, 2020)
    risk 0.00; cvss: n/a; epss 0.04

    Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page.

  • CVE-2020-15110 (Jul 17, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    In jupyterhub-kubespawner before 0.12, certain usernames will be able to craft particular server names which will grant them access to the default server of other users who have matching usernames. This has been fixed in 0.12.

  • CVE-2020-2228 (Jul 15, 2020)
    risk 0.00; cvss: n/a; epss 0.01

    Jenkins Gitlab Authentication Plugin 1.5 and earlier does not perform group authorization checks properly, resulting in a privilege escalation vulnerability.

  • CVE-2020-7692 (Jul 9, 2020)
    risk 0.00; cvss: n/a; epss 0.02

    PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that…