Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

CVEs (2,988)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-26121 2Fedoraproject Mediawiki 2Fedora Mediawiki Nov 21, 2024 Sep 27, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to creat...Show more An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to create it. This occurs because of a mishandled distinction between an upload restriction and a create restriction. An attacker cannot leverage this to overwrite anything, but can leverage this to force a wiki to have a page with a disallowed title.Show less
CVE-2020-25869 2Fedoraproject Mediawiki 2Fedora Mediawiki Nov 21, 2024 Sep 27, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki.
CVE-2020-3477 1Cisco 1Ios Nov 21, 2024 Sep 24, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem. The vulnerability is due to insufficient applicat...Show more A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem. The vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit this vulnerability by using a specific command at the command line. A successful exploit could allow the attacker to obtain read-only access to files that are located on the flash: filesystem that otherwise might not have been accessible.Show less
CVE-2020-3474 1Cisco 1Ios Xe Nov 21, 2024 Sep 24, 2020 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the we...Show more Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.Show less
CVE-2020-3404 1Cisco 1Ios Xe Nov 21, 2024 Sep 24, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying oper...Show more A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient enforcement of the consent token in authorizing shell access. An attacker could exploit this vulnerability by authenticating to the persistent Telnet/SSH CLI on an affected device and requesting shell access. A successful exploit could allow the attacker to gain shell access on the affected device and execute commands on the underlying OS with root privileges.Show less
CVE-2020-4621 1Ibm 1Data Risk Manager Nov 21, 2024 Sep 22, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to escalate their privileges to administrator due to insufficient authorization checks. IBM X-Force ID: 184981.
CVE-2020-2258 1Jenkins 1Health Advisor By Cloudbees Nov 21, 2024 Sep 16, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Jenkins Health Advisor by CloudBees Plugin 3.2.0 and earlier does not correctly perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view that HTTP endpoint.
CVE-2020-15590 1Privateinternetaccess 1Private Internet Access Vpn Client Nov 21, 2024 Sep 14, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A vulnerability in the Private Internet Access (PIA) VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network t...Show more A vulnerability in the Private Internet Access (PIA) VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a “split tunnel” OpenVPN bypass option. The PIA killswitch & associated iptables firewall is designed to protect you while using the Internet. When the kill switch is configured to block all inbound and outbound network traffic, privileged applications can continue sending & receiving network traffic if net.ipv4.ip_forward has been enabled in the system kernel parameters. For example, a Docker container running on a host with the VPN turned off, and the kill switch turned on, can continue using the internet, leaking the host IP (CWE 200). In PIA 2.4.0+, policy-based routing is enabled by default and is used to direct all forwarded packets to the VPN interface automatically.Show less
CVE-2020-13313 1Gitlab 1Gitlab Nov 21, 2024 Sep 14, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. An unauthorized project maintainer could edit the subgroup badges due to the lack of authorization control.
CVE-2020-13300 1Gitlab 1Gitlab Nov 21, 2024 Sep 14, 2020 N/A· v4 10.0 CRITICAL· v3 6.4 MEDIUM· v2 GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow.
CVE-2020-13284 1Gitlab 1Gitlab Nov 21, 2024 Sep 14, 2020 N/A· v4 6.5 MEDIUM· v3 5.5 MEDIUM· v2 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token
CVE-2020-25284 3Debian LinuxOpensuse 3Debian Linux LeapLinux Kernel Nov 21, 2024 Sep 13, 2020 N/A· v4 4.1 MEDIUM· v3 1.9 LOW· v2 The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block de...Show more The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.Show less
CVE-2020-15163 1Linuxfoundation 1The Update Framework Nov 21, 2024 Sep 9, 2020 N/A· v4 8.2 HIGH· v3 4.9 MEDIUM· v2 Python TUF (The Update Framework) reference implementation before version 0.12 it will incorrectly trust a previously downloaded root metadata file which failed verification at download time. This allows an attacker who...Show more Python TUF (The Update Framework) reference implementation before version 0.12 it will incorrectly trust a previously downloaded root metadata file which failed verification at download time. This allows an attacker who is able to serve multiple new versions of root metadata (i.e. by a person-in-the-middle attack) culminating in a version which has not been correctly signed to control the trust chain for future updates. This is fixed in version 0.12 and newer.Show less
CVE-2020-6311 1Sap 2Bank Analyzer S/4hana For Financial Products Subledger Nov 21, 2024 Sep 9, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial products subledger, version � 100, does not correctly perform necessary authorization checks for an authenticated user due to Im...Show more Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial products subledger, version � 100, does not correctly perform necessary authorization checks for an authenticated user due to Improper Authorization checks, that may cause a system administrator to create incorrect authorization proposals. This may result in privilege escalation and may expose restricted banking data.Show less
CVE-2020-3530 1Cisco 1Ios Xr Nov 21, 2024 Sep 4, 2020 N/A· v4 8.4 HIGH· v3 5.6 MEDIUM· v2 A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required....Show more A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. An attacker could exploit this vulnerability by issuing the command, which they should not be authorized to issue, on an affected device. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart. This vulnerability could allow a user with read permissions to issue a specific command that should require Administrator privileges.Show less
CVE-2020-3473 1Cisco 1Ios Xr Nov 21, 2024 Sep 4, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local CLI shell user to elevate privileges and gain full administrative control of the device. Th...Show more A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local CLI shell user to elevate privileges and gain full administrative control of the device. The vulnerability is due to incorrect mapping of a command to task groups within the source code. An attacker could exploit this vulnerability by first authenticating to the local CLI shell on the device and using the CLI command to bypass the task group–based checks. A successful exploit could allow the attacker to elevate privileges and perform actions on the device without authorization checks.Show less
CVE-2020-24941 1Laravel 1Laravel Nov 21, 2024 Sep 4, 2020 N/A· v4 7.5 HIGH· v3 4.3 MEDIUM· v2 An issue was discovered in Laravel before 6.18.35 and 7.x before 7.24.0. The $guarded property is mishandled in some situations involving requests with JSON column nesting expressions.
CVE-2020-5418 1Cloudfoundry 2Capi Release Cf Deployment Nov 21, 2024 Sep 3, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Cloud Foundry CAPI (Cloud Controller) versions prior to 1.98.0 allow authenticated users having only the "cloud_controller.read" scope, but no roles in any spaces, to list all droplets in all spaces (whereas they should...Show more Cloud Foundry CAPI (Cloud Controller) versions prior to 1.98.0 allow authenticated users having only the "cloud_controller.read" scope, but no roles in any spaces, to list all droplets in all spaces (whereas they should see none).Show less
CVE-2020-25025 1Localization Manager Project 1Localization Manager Nov 21, 2024 Sep 2, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 The l10nmgr (aka Localization Manager) extension before 7.4.0, 8.x before 8.7.0, and 9.x before 9.2.0 for TYPO3 allows Information Disclosure (translatable fields).
CVE-2020-25055 1Google 1Android Nov 21, 2024 Aug 31, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The persona service allows attackers (who control an unprivileged SecureFolder process) to bypass admin restrictions in KnoxCon...Show more An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The persona service allows attackers (who control an unprivileged SecureFolder process) to bypass admin restrictions in KnoxContainer. The Samsung ID is SVE-2020-18133 (August 2020).Show less

Previous 1...128129130...150 Next