CWE-285 (Improper Authorization) — Vulnerability Class 967

967 vulnerabilities classified as CWE-285 (Improper Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2020-10516 | Improper access control in GitHub Enterprise Server leading to privilege escalation of organization member — GitHub Enterprise Server | 8.8 | - | 2020-06-03 |
| CVE-2020-10620 | Opto 22 SoftPAC Project authorization issue vulnerability — Opto 22 SoftPAC Project | 9.8 | - | 2020-05-14 |
| CVE-2020-1998 | PAN-OS: Improper SAML SSO authorization of shared local users — PAN-OS | 5.4 | Medium | 2020-05-13 |
| CVE-2020-10686 | Red Hat Keycloak security vulnerability — keycloak | 4.1 | Medium | 2020-05-04 |
| CVE-2020-5333 | Dell EMC RSA Archer information disclosure vulnerability — RSA Archer | 4.3 | - | 2020-05-04 |
| CVE-2020-1745 | Red Hat Undertow information disclosure vulnerability — undertow | 8.6 | High | 2020-04-28 |
| CVE-2019-13554 | GE Mark VIe Controller authorization issue vulnerability — GE Mark VIe Controller | 9.8 | - | 2020-04-07 |
| CVE-2020-5289 | Read permissions not enforced for client provided filter expressions in Elide http client — elide | 6.8 | Medium | 2020-03-30 |
| CVE-2020-5275 | Firewall configured with unanimous strategy was not actually unanimous in symfony/security-http — symfony | 7.6 | High | 2020-03-30 |
| CVE-2019-14883 | Moodle security vulnerability — moodle | 5.3 | - | 2020-03-18 |
| CVE-2020-1720 | PostgreSQL security vulnerability — postgresql | 3.1 | Low | 2020-03-17 |
| CVE-2020-5240 | 2FA bypass through deleting devices in wagtail-2fa — wagtail-2fa | 7.6 | High | 2020-03-13 |
| CVE-2020-5250 | Possible information disclosure in PrestaShop — PrestaShop | 7.6 | High | 2020-03-05 |
| CVE-2020-5251 | Information disclosure in parse-server — parse-server | 7.7 | High | 2020-03-04 |
| CVE-2020-5318 | Dell EMC Isilon OneFS authorization issue vulnerability — Isilon OneFS | 7.5 | High | 2020-02-06 |
| CVE-2019-15610 | Nextcloud Circles security vulnerability — Nextcloud Circles | 4.3 | - | 2020-02-04 |
| CVE-2020-8119 | Nextcloud authorization issue vulnerability — Nextcloud Server | 5.3 | - | 2020-02-04 |
| CVE-2020-5232 | Ethereum Name Service - Malicious takeover of previously owned ENS names — @ensdomains/ens | 8.7 | High | 2020-01-30 |
| CVE-2020-5206 | Authentication Bypass For Endpoints With Anonymous Access in OpenCast — opencast | 8.7 | High | 2020-01-30 |
| CVE-2020-5231 | Opencast users with ROLE_COURSE_ADMIN can create new users — opencast | 4.8 | Medium | 2020-01-30 |
| CVE-2019-7479 | SonicWall SonicOS authorization issue vulnerability — SonicOS | 7.2 | - | 2019-12-31 |
| CVE-2019-7489 | SonicWall Email Security Appliance authorization issue vulnerability — Email Security Appliance | 9.8 | - | 2019-12-23 |
| CVE-2019-14870 | Samba authorization issue vulnerability — samba | 6.5 | - | 2019-12-10 |
| CVE-2019-15990 | Cisco Small Business Routers RV016, RV042, RV042G, and RV082 Information Disclosure Vulnerability — Cisco Small Business RV Series Router Firmware | 5.3 | - | 2019-11-26 |
| CVE-2019-3641 | Exploitation of Authorization in TIE Server — Threat Intelligence Exchange Server (TIE Server) | 4.5 | Medium | 2019-11-13 |
| CVE-2019-3764 | Dell EMC iDRAC7, iDRAC8 and iDRAC9 authorization issue vulnerability — Integrated Dell Remote Access Controller (iDRAC) | 4.3 | - | 2019-11-07 |
| CVE-2019-17631 | Eclipse OpenJ9 security vulnerability — Eclipse OpenJ9 | 9.8 | - | 2019-10-17 |
| CVE-2019-12671 | Cisco IOS XE Software Consent Token Bypass Vulnerability — Cisco IOS XE Software 3.2.9SG | 7.8 | - | 2019-09-25 |
| CVE-2019-13528 | Niagara AX and Niagara authorization issue vulnerability — Niagara | 4.4 | - | 2019-09-24 |
| CVE-2019-13550 | Advantech WebAccess authorization issue vulnerability — WebAccess | 8.8 | - | 2019-09-18 |

Vulnerabilities classified as CWE-285 (Improper Authorization) account for 967 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.