CWE-285 (Improper Authorization) — Vulnerability Class 972

972 vulnerabilities classified as CWE-285 (Improper Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-28501 | An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration. — Terminattr | 9.1 | Critical | 2022-01-14 |
| CVE-2022-22288 | SAMSUNG Galaxy Store security vulnerability — Galaxy Store | 7.5 | High | 2022-01-07 |
| CVE-2022-22269 | Samsung SMR security vulnerability — Samsung Mobile Devices | 4.0 | Medium | 2022-01-07 |
| CVE-2022-22267 | Samsung SMR security vulnerability — Samsung Mobile Devices | 4.0 | Medium | 2022-01-07 |
| CVE-2022-22272 | Samsung SMR security vulnerability — Samsung Mobile Devices | 4.0 | Medium | 2022-01-07 |
| CVE-2022-22268 | Samsung SMR security vulnerability — Samsung Mobile Devices | 6.1 | Medium | 2022-01-07 |
| CVE-2020-9061 | Silicon Labs Z-Wave Chipsets authorization issue vulnerability — ZST10 | 6.5 | - | 2022-01-07 |
| CVE-2021-3837 | Improper Authorization in openwhyd/openwhyd — openwhyd/openwhyd | 6.1 | - | 2022-01-03 |
| CVE-2021-43847 | Authorization Bypass in Space Invite in HumHub — humhub | 6.5 | Medium | 2021-12-20 |
| CVE-2021-25521 | Samsung Internet cross-site scripting vulnerability — Samsung Internet | 4.0 | Medium | 2021-12-08 |
| CVE-2021-42126 | Ivanti Avalanche security vulnerability — Ivanti Avalanche | 8.8 | - | 2021-12-07 |
| CVE-2021-36311 | DELL EMC NetWorker security vulnerability — NetWorker | 6.0 | Medium | 2021-11-23 |
| CVE-2021-42338 | 4MOSAn GCB Doctor - Improper Authorization — GCB Doctor | 9.8 | Critical | 2021-11-19 |
| CVE-2021-42337 | TVN-202110009 — CASH | 4.3 | Medium | 2021-11-16 |
| CVE-2021-25507 | SAMSUNG Flow security vulnerability — Samsung Flow | 5.7 | Medium | 2021-11-05 |
| CVE-2021-25973 | Publify - Improper Authorization Leads to Guest Signup Restriction Bypass — publify_core | 6.5 | Medium | 2021-11-02 |
| CVE-2021-39341 | OptinMonster <= 2.6.4 Unprotected REST-API Endpoints — OptinMonster | 8.2 | High | 2021-11-01 |
| CVE-2021-41313 | Atlassian Jira security vulnerability — Jira Server | 4.3 | - | 2021-11-01 |
| CVE-2021-41308 | Atlassian Jira security vulnerability — Jira Server | 6.5 | - | 2021-10-26 |
| CVE-2021-31384 | Junos OS: SRX Series: Under a specific device configuration an attacker can access the devices J-Web management services from any interface, regardless of security settings protecting the service — Junos OS | 7.2 | High | 2021-10-19 |
| CVE-2021-38486 | InHand Networks IR615 Router — IR615 Router | 8.0 | High | 2021-10-19 |
| CVE-2021-42336 | Huachu Digital Technology Co.,Ltd. Easytest - Improper Authorization — Easytest | 4.3 | Medium | 2021-10-15 |
| CVE-2021-42332 | ShinHer Information Co., LTD. ShinHer StudyOnline System - Improper Authorization-3 — ShinHer StudyOnline System | 4.3 | Medium | 2021-10-15 |
| CVE-2021-42331 | ShinHer Information Co., LTD. ShinHer StudyOnline System - Improper Authorization-2 — ShinHer StudyOnline System | 5.4 | Medium | 2021-10-15 |
| CVE-2021-42330 | ShinHer Information Co., LTD. ShinHer StudyOnline System - Improper Authorization-1 — ShinHer StudyOnline System | 8.8 | High | 2021-10-15 |
| CVE-2021-41137 | Bypassing policy restrictions on regular users — minio | 8.8 | High | 2021-10-13 |
| CVE-2021-33723 | Siemens SINEC NMS security vulnerability — SINEC NMS | 6.5 | - | 2021-10-12 |
| CVE-2021-39317 | AccessPress Themes - Authenticated Malicious File Upload — Access Demo Importer | 8.8 | High | 2021-10-11 |
| CVE-2021-41976 | Tad Uploader - Improper Authorization — Uploader | 5.3 | Medium | 2021-10-08 |
| CVE-2021-41975 | Tad TadTools - Improper Authorization — TadTools | 7.5 | High | 2021-10-08 |

There are 972 CVEs classified as CWE-285 (Improper Authorization). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.