Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

CVEs (2,986)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-10786 1Vestacp 1Vesta Control Panel Nov 21, 2024 Apr 21, 2020 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A remote command execution in Vesta Control Panel through 0.9.8-26 allows any authenticated user to execute arbitrary commands on the system via cron jobs.
CVE-2020-11753 1Sonatype 1Nexus Repository Manager 3 Nov 21, 2024 Apr 20, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. It is possible for a user with appropriate privileges to create, modify, and execute scripting tasks without use of the UI or AP...Show more An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. It is possible for a user with appropriate privileges to create, modify, and execute scripting tasks without use of the UI or API. NOTE: in 3.22.0, scripting is disabled by default (making this not exploitable).Show less
CVE-2020-5293 1Prestashop 1Prestashop Nov 21, 2024 Apr 20, 2020 N/A· v4 6.5 MEDIUM· v3 6.4 MEDIUM· v2 In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there are improper access controls on product page with combinations, attachments and specific prices. The problem is fixed in 1.7.6.5.
CVE-2020-5288 1Prestashop 1Prestashop Nov 21, 2024 Apr 20, 2020 N/A· v4 6.5 MEDIUM· v3 6.4 MEDIUM· v2 "In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there is improper access controls on product attributes page. The problem is fixed in 1.7.6.5.
CVE-2020-5287 1Prestashop 1Prestashop Nov 21, 2024 Apr 20, 2020 N/A· v4 6.5 MEDIUM· v3 6.4 MEDIUM· v2 In PrestaShop between versions 1.5.5.0 and 1.7.6.5, there is improper access control on customers search. The problem is fixed in 1.7.6.5.
CVE-2020-5279 1Prestashop 1Prestashop Nov 21, 2024 Apr 20, 2020 N/A· v4 6.5 MEDIUM· v3 6.4 MEDIUM· v2 In PrestaShop between versions 1.5.0.0 and 1.7.6.5, there are improper access control since the the version 1.5.0.0 for legacy controllers. - admin-dev/index.php/configure/shop/customer-preferences/ - admin-dev/index.php...Show more In PrestaShop between versions 1.5.0.0 and 1.7.6.5, there are improper access control since the the version 1.5.0.0 for legacy controllers. - admin-dev/index.php/configure/shop/customer-preferences/ - admin-dev/index.php/improve/international/translations/ - admin-dev/index.php/improve/international/geolocation/ - admin-dev/index.php/improve/international/localization - admin-dev/index.php/configure/advanced/performance - admin-dev/index.php/sell/orders/delivery-slips/ - admin-dev/index.php?controller=AdminStatuses The problem is fixed in 1.7.6.5Show less
CVE-2020-0981 1Microsoft 2Windows 10 Windows Server 2016 Nov 21, 2024 Apr 15, 2020 N/A· v4 8.8 HIGH· v3 4.6 MEDIUM· v2 A security feature bypass vulnerability exists when Windows fails to properly handle token relationships.An attacker who successfully exploited the vulnerability could allow an application with a certain integrity level...Show more A security feature bypass vulnerability exists when Windows fails to properly handle token relationships.An attacker who successfully exploited the vulnerability could allow an application with a certain integrity level to execute code at a different integrity level, leading to a sandbox escape.The update addresses the vulnerability by correcting how Windows handles token relationships, aka 'Windows Token Security Feature Bypass Vulnerability'.Show less
CVE-2020-6214 1Sap 1S/4hana Nov 21, 2024 Apr 14, 2020 N/A· v4 4.7 MEDIUM· v3 6.5 MEDIUM· v2 SAP S/4HANA (Financial Products Subledger), version 100, uses an incorrect authorization object in some reports. Although the affected reports are protected with other authorization objects, exploitation of the vulnerabi...Show more SAP S/4HANA (Financial Products Subledger), version 100, uses an incorrect authorization object in some reports. Although the affected reports are protected with other authorization objects, exploitation of the vulnerability would allow an authenticated attacker to view, change, or delete data, thereby preventing the proper segregation of duties in the system.Show less
CVE-2020-11707 1Provideserver 1Provide Ftp Server Nov 21, 2024 Apr 12, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in ProVide (formerly zFTPServer) through 13.1. It doesn't enforce permission over Windows Symlinks or Junctions. As a result, a low-privileged user (non-admin) can craft a Junction Link in a direc...Show more An issue was discovered in ProVide (formerly zFTPServer) through 13.1. It doesn't enforce permission over Windows Symlinks or Junctions. As a result, a low-privileged user (non-admin) can craft a Junction Link in a directory he has full control of, breaking out of the sandbox.Show less
CVE-2018-21039 1Google 1Android Nov 21, 2024 Apr 8, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered on Samsung mobile devices with N(7.0) software. With the Location permission for the compass feature in Quick Tools (aka QuickTools), an attacker can bypass the lockscreen. The Samsung ID is SVE-2...Show more An issue was discovered on Samsung mobile devices with N(7.0) software. With the Location permission for the compass feature in Quick Tools (aka QuickTools), an attacker can bypass the lockscreen. The Samsung ID is SVE-2018-12053 (December 2018).Show less
CVE-2018-21082 1Google 1Android Nov 21, 2024 Apr 8, 2020 N/A· v4 8.4 HIGH· v3 4.6 MEDIUM· v2 An issue was discovered on Samsung mobile devices with N(7.x) software. Dex Station allows App Pinning bypass and lock-screen bypass via the "Use screen lock type to unpin" option. The Samsung ID is SVE-2017-11106 (Febru...Show more An issue was discovered on Samsung mobile devices with N(7.x) software. Dex Station allows App Pinning bypass and lock-screen bypass via the "Use screen lock type to unpin" option. The Samsung ID is SVE-2017-11106 (February 2018).Show less
CVE-2020-11628 1Primekey 1Ejbca Nov 21, 2024 Apr 8, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. It is intended to support restriction of available remote protocols (CMP, ACME, REST, etc.) through the system configuration. These restrictions ca...Show more An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. It is intended to support restriction of available remote protocols (CMP, ACME, REST, etc.) through the system configuration. These restrictions can be bypassed by modifying the URI string from a client. (EJBCA's internal access control restrictions are still in place, and each respective protocol must be configured to allow for enrollment.)Show less
CVE-2020-8142 1Revive Adserver 1Revive Adserver Nov 21, 2024 Apr 3, 2020 N/A· v4 6.8 MEDIUM· v3 4.6 MEDIUM· v2 A security restriction bypass vulnerability has been discovered in Revive Adserver version < 5.0.5 by HackerOne user hoangn144. Revive Adserver, like many other applications, requires the logged in user to type the curre...Show more A security restriction bypass vulnerability has been discovered in Revive Adserver version < 5.0.5 by HackerOne user hoangn144. Revive Adserver, like many other applications, requires the logged in user to type the current password in order to change the e-mail address or the password. It was however possible for anyone with access to a Revive Adserver admin user interface to bypass such check and change e-email address or password of the currently logged in user by altering the form payload.The attack requires physical access to the user interface of a logged in user. If the POST payload was altered by turning the “pwold” parameter into an array, Revive Adserver would fetch and authorise the operation even if no password was provided.Show less
CVE-2018-11802 1Apache 1Solr Apr 15, 2026 Apr 1, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies...Show more In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all authorization settings for such requests. This affects all Solr versions prior to 7.7 that use the default authorization mechanism of Solr (RuleBasedAuthorizationPlugin).Show less
CVE-2020-5275 1Sensiolabs 1Symfony Nov 21, 2024 Mar 30, 2020 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule's attributes and stops as soon as the accessDecisionManager decides to grant access on th...Show more In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule's attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the check of next attributes that should have been take into account in an unanimous strategy. The accessDecisionManager is now called with all attributes at once, allowing the unanimous strategy being applied on each attribute. This issue is patched in versions 4.4.7 and 5.0.7.Show less
CVE-2020-10510 1Sun 1Ehrd Nov 21, 2024 Mar 27, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality and data.
CVE-2020-1796 1Huawei 2Mate 20 Firmware Mate 30 Pro Firmware Nov 21, 2024 Mar 20, 2020 N/A· v4 6.6 MEDIUM· v3 4.6 MEDIUM· v2 There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do certain operation whi...Show more There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do certain operation which the user are supposed not to do.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2).Show less
CVE-2019-11361 1Zohocorp 1Manageengine Remote Access Plus Nov 21, 2024 Mar 19, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Zoho ManageEngine Remote Access Plus 10.0.258 does not validate user permissions properly, allowing for privilege escalation and eventually a full application takeover.
CVE-2020-10239 1Joomla 1Joomla Nov 21, 2024 Mar 16, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in Joomla! before 3.9.16. Incorrect Access Control in the SQL fieldtype of com_fields allows access for non-superadmin users.
CVE-2020-5240 1Labdigital 1Wagtail 2fa Nov 21, 2024 Mar 13, 2020 N/A· v4 8.5 HIGH· v3 5.5 MEDIUM· v2 In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users 2FA devices by going to the correct path. The user does not require special permissions in order to do so. By deleting the othe...Show more In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users 2FA devices by going to the correct path. The user does not require special permissions in order to do so. By deleting the other users device they can disable the target users 2FA devices and potentially compromise the account if they figure out their password. The problem has been patched in version 1.4.1.Show less

Previous 1...132133134...150 Next