CWE-863

2,989 CVEs • Abstraction: Class • Likelihood of Exploit: High

Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
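Two of the recurring shapes of CWE-863 in the entries below are a check that keys on the wrong attribute (an "admin" flag standing in for the permission the action actually needs) and an equality check that accepts an absent value (an empty or missing secret compared against an empty stored one). The following is an added illustration written for this page, not code from any product listed here; the user, ticket and order types and the permission names are constructed for the example.

```python
"""Worked example of CWE-863 (Incorrect Authorization): two authorization
checks that exist but are wrong, each beside a corrected version.
Illustrative code only; all names and data are constructed."""
from dataclasses import dataclass
from typing import Optional
import hmac


@dataclass(frozen=True)
class User:
    name: str
    is_admin: bool = False
    permissions: frozenset = frozenset()   # e.g. {"ticket.view"} or {"ticket.*"}


@dataclass(frozen=True)
class Ticket:
    id: int
    owner: str


@dataclass(frozen=True)
class Order:
    id: int
    token: str   # per-order secret (ASCII); "" for an order that never got one


# Pattern 1: the check keys on the wrong attribute. Being an admin is not the
# same as holding a ticket permission, so an admin without ticket.* is let in.
def can_view_ticket_vulnerable(user: User, ticket: Ticket) -> bool:
    return user.is_admin or user.name == ticket.owner


def can_view_ticket_fixed(user: User, ticket: Ticket) -> bool:
    # Authorize on the permission the action requires. The admin flag plays
    # no part unless the role was explicitly granted a ticket permission.
    if user.name == ticket.owner:
        return True
    return "ticket.view" in user.permissions or "ticket.*" in user.permissions


# Pattern 2: an equality check that accepts the absent value. An order whose
# token is "" is matched by a client that sends "" (or omits the token and the
# framework defaults it to ""), because "" == "" is True.
def can_view_order_vulnerable(order: Order, supplied_token: Optional[str]) -> bool:
    return supplied_token == order.token


def can_view_order_fixed(order: Order, supplied_token: Optional[str]) -> bool:
    # An empty or missing secret on either side never authorizes anything;
    # only a non-empty token compared in constant time does.
    if not order.token or not supplied_token:
        return False
    return hmac.compare_digest(order.token, supplied_token)


def demo() -> dict:
    """Run both patterns on constructed inputs; returns the decisions."""
    admin_no_ticket_perm = User("alice", is_admin=True)
    someone_elses_ticket = Ticket(1, owner="bob")
    tokenless_order = Order(7, token="")
    return {
        "ticket_vulnerable": can_view_ticket_vulnerable(admin_no_ticket_perm, someone_elses_ticket),
        "ticket_fixed": can_view_ticket_fixed(admin_no_ticket_perm, someone_elses_ticket),
        "order_vulnerable": can_view_order_vulnerable(tokenless_order, ""),
        "order_fixed": can_view_order_fixed(tokenless_order, ""),
    }


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name}: {'ALLOWED' if allowed else 'denied'}")
```

The fixed versions share one property worth checking for in any authorization code: they decide on the exact permission or secret the action needs and fall through to deny, so a role that was never granted the permission, or an order that never received a token, cannot satisfy the check by accident.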


CVEs (2,989)

Each entry lists vendors, products, the updated and published dates, CVSS scores (v4 / v3 / v2) and the description.
Vendor: Zammad · Product: Zammad
Updated: Nov 21, 2024 · Published: Dec 28, 2020
CVSS: v4 N/A · v3 4.9 MEDIUM · v2 4.0 MEDIUM
An issue was discovered in Zammad before 3.4.1. Admin users without a ticket.* permission can access tickets.

Vendor: ABB · Products: Symphony + Historian, Symphony + Operations
Updated: Nov 21, 2024 · Published: Dec 22, 2020
CVSS: v4 N/A · v3 8.8 HIGH · v2 9.0 HIGH
In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. Authenticated but unauthorized remote users could execute a Denial-of-Service (DoS) attack, execute arbitrary code, or obtain more privilege than intended on the machines.

Vendor: IBM · Products: Automation Workstream Services, Business Automation Workflow, Business Process Manager
Updated: Nov 21, 2024 · Published: Dec 21, 2020
CVSS: v4 N/A · v3 5.4 MEDIUM · v2 5.5 MEDIUM
IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cause a denial of service due to improper authorization checking. IBM X-Force ID: 189445.

Vendor: Google · Product: Android
Updated: Nov 21, 2024 · Published: Dec 15, 2020
CVSS: v4 N/A · v3 3.3 LOW · v2 2.1 LOW
In AndroidManifest.xml, there is a possible permissions bypass. This could lead to local escalation of privilege allowing a non-system app to send a broadcast it shouldn't have permissions to send, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11. Android ID: A-157472962.

Vendor: Google · Product: Android
Updated: Nov 21, 2024 · Published: Dec 15, 2020
CVSS: v4 N/A · v3 7.8 HIGH · v2 6.8 MEDIUM
In callUnchecked of DocumentsProvider.java, there is a possible permissions bypass. This could lead to local escalation of privilege allowing a malicious app to access files available to the DocumentProvider without user permission, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-11. Android ID: A-157294893.

Vendor: Google · Product: Android
Updated: Nov 21, 2024 · Published: Dec 15, 2020
CVSS: v4 N/A · v3 4.6 MEDIUM · v2 2.1 LOW
In updateIncomingFileConfirmNotification of BluetoothOppNotification.java, there is a possible permissions bypass. This could lead to local escalation of privilege allowing an attacker with physical possession of the device to transfer files to it over Bluetooth, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11. Android ID: A-160691486.

Vendor: Google · Product: Gerrit
Updated: Nov 21, 2024 · Published: Dec 10, 2020
CVSS: v4 N/A · v3 3.5 LOW · v2 2.7 LOW
An information leak vulnerability exists in Gerrit versions prior to 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where a missing access check on the branch REST API allows an attacker with only the default set of privileges to read all other users' personal account data as well as sub-trees with restricted access.

Vendor: Umbraco · Product: Umbraco CMS
Updated: Nov 21, 2024 · Published: Dec 2, 2020
CVSS: v4 N/A · v3 4.3 MEDIUM · v2 4.0 MEDIUM
Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access.

Vendor: Jupyter · Product: OAuthenticator
Updated: Nov 21, 2024 · Published: Dec 1, 2020
CVSS: v4 N/A · v3 6.3 MEDIUM · v2 3.5 LOW
OAuthenticator is an OAuth login mechanism for JupyterHub. In oauthenticator from version 0.12.0 and before 0.12.2, the deprecated (in jupyterhub 1.2) configuration `Authenticator.whitelist`, which should be transparently mapped to `Authenticator.allowed_users` with a warning, is instead ignored by OAuthenticator classes, resulting in the same behavior as if this configuration has not been set. If this is the only mechanism of authorization restriction (i.e. no group or team restrictions in configuration) then all authenticated users will be allowed. Provider-based restrictions, including deprecated values such as `GitHubOAuthenticator.org_whitelist`, are **not** affected. Affected: all users of OAuthenticator 0.12.0 and 0.12.1 with JupyterHub 1.2 (JupyterHub Helm chart 0.10.0-0.10.5) who use the `admin.whitelist.users` configuration in the jupyterhub helm chart or the `c.Authenticator.whitelist` configuration directly. Users of other deprecated configuration, e.g. `c.GitHubOAuthenticator.team_whitelist`, are **not** affected. If you see a log line like this and expect a specific list of allowed usernames: "[I 2020-11-27 16:51:54.528 JupyterHub app:1717] Not using allowed_users. Any authenticated user will be allowed." you are likely affected. Updating oauthenticator to 0.12.2 is recommended. A workaround is to replace the deprecated `c.Authenticator.whitelist = ...` with `c.Authenticator.allowed_users = ...`. If any users have been authorized during this time who should not have been, they must be deleted via the API or admin interface, per the referenced documentation.

Vendors: Debian, Linux, NetApp · Products: 500f Firmware, A250 Firmware, Debian Linux, +5 more
Updated: Nov 21, 2024 · Published: Nov 28, 2020
CVSS: v4 N/A · v3 3.6 LOW · v2 3.3 LOW
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-17839856fd58.

Vendor: OctoberCMS · Product: October
Updated: Nov 21, 2024 · Published: Nov 23, 2020
CVSS: v4 N/A · v3 4.2 MEDIUM · v2 4.6 MEDIUM
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.470, backend users with the default "Publisher" system role have access to create & manage users where they can choose which role the new user has. This means that a user with "Publisher" access has the ability to escalate their access to "Developer" access. Issue has been patched in Build 470 (v1.0.470) & v1.1.1.

Vendor: OctoberCMS · Product: October
Updated: Nov 21, 2024 · Published: Nov 23, 2020
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.421 and before version 1.0.469, an attacker can read local files on an October CMS server via a specially crafted request. Issue has been patched in Build 469 (v1.0.469) and v1.1.0.

Vendor: HashiCorp · Product: Consul
Updated: Nov 21, 2024 · Published: Nov 23, 2020
CVSS: v4 N/A · v3 6.5 MEDIUM · v2 4.0 MEDIUM
HashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed operators with operator:read ACL permissions to read the Connect CA private key configuration. Fixed in 1.6.10, 1.7.10, and 1.8.6.

Vendor: Schneider Electric · Product: EcoStruxure Control Expert
Updated: Nov 21, 2024 · Published: Nov 19, 2020
CVSS: v4 N/A · v3 7.8 HIGH · v2 4.6 MEDIUM
A CWE-863: Incorrect Authorization vulnerability exists in PLC Simulator on EcoStruxure Control Expert (now Unity Pro) (all versions) that could cause bypass of authentication when overwriting memory using a debugger.

Vendors: Fedora Project, Moodle · Products: Fedora, Moodle
Updated: Nov 21, 2024 · Published: Nov 19, 2020
CVSS: v4 N/A · v3 5.3 MEDIUM · v2 5.0 MEDIUM
If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.9.3, 3.8.6, 3.7.9, 3.5.15, and 3.10.

Vendors: Fedora Project, Moodle · Products: Fedora, Moodle
Updated: Nov 21, 2024 · Published: Nov 19, 2020
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
In moodle, insufficient capability checks could lead to users with the ability to course restore adding additional capabilities to roles within that course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.9.3, 3.8.6, 3.7.9, 3.5.15, and 3.10.

Vendor: Nextcloud · Product: Social
Updated: Nov 21, 2024 · Published: Nov 19, 2020
CVSS: v4 N/A · v3 5.3 MEDIUM · v2 5.0 MEDIUM
Improper access control in Nextcloud Social app version 0.3.1 allowed reading the posts of any user.

Vendor: Spree Commerce · Product: Spree
Updated: Nov 21, 2024 · Published: Nov 13, 2020
CVSS: v4 N/A · v3 6.5 MEDIUM · v2 4.0 MEDIUM
Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status endpoint with an empty string passed as an Order token. This is patched in versions 3.7.11, 4.0.4, or 4.1.11 depending on your used Spree version. Users of Spree < 3.7 are not affected.

Vendor: Qualcomm · Products: QCS603 Firmware, QCS605 Firmware, SA6145P Firmware, +10 more
Updated: Nov 21, 2024 · Published: Nov 12, 2020
CVSS: v4 N/A · v3 5.5 MEDIUM · v2 2.1 LOW
Improper authorization in DSP process could allow unauthorized users to downgrade the library versions in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439.

Vendors: Microsoft, Samba · Products: Samba, Windows Server 2012, Windows Server 2016, +1 more
Updated: Nov 21, 2024 · Published: Nov 11, 2020
CVSS: v4 N/A · v3 7.2 HIGH · v2 9.0 HIGH
A security feature bypass vulnerability exists in the way the Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it. The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD.