CWE-863 (Incorrect Authorization) — Vulnerability Class 1242

1242 vulnerabilities classified as CWE-863 (Incorrect Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2021-36039 | Magento Commerce `quoteId` parameter Incorrect Authorization Vulnerability Could Lead To Information Disclosure — Magento Commerce | 6.5 | Medium | 2021-09-01 |
| CVE-2021-39156 | Fragments in Path May Lead to Authorization Policy Bypass — istio | 8.1 | High | 2021-08-24 |
| CVE-2020-28397 | Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 Authorization Issue Vulnerability — SIMATIC Drive Controller family | 7.5 | - | 2021-08-10 |
| CVE-2021-33718 | Siemens Mendix Security Vulnerability — Mendix Applications using Mendix 7 | 5.3 | - | 2021-07-13 |
| CVE-2021-24405 | Easy Cookie Policy <= 1.6.2 - Broken Access Control to Stored Cross-Site Scripting — Easy Cookies Policy | 8.5 | - | 2021-07-06 |
| CVE-2021-32701 | Possible bypass of token claim validation when OAuth2 Introspection caching is enabled — oathkeeper | 7.5 | High | 2021-06-22 |
| CVE-2010-2525 | Red Hat GFS2 Security Vulnerability — kernel | 7.8 | - | 2021-06-22 |
| CVE-2010-1435 | Joomla Permissions and Access Control Issue Vulnerability — Joomla | 9.8 | - | 2021-06-21 |
| CVE-2021-24379 | Comments Like Dislike < 1.1.4 - Add Like/Dislike Bypass — Comments Like Dislike | 5.3 | - | 2021-06-21 |
| CVE-2021-1540 | Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities — Cisco ASR 5000 Series Software | 8.1 | High | 2021-06-04 |
| CVE-2021-1539 | Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities — Cisco ASR 5000 Series Software | 8.1 | High | 2021-06-04 |
| CVE-2021-3469 | Foreman Security Vulnerability — Foreman | 6.3 | - | 2021-06-03 |
| CVE-2021-3499 | OVN Kubernetes Security Vulnerability — openshift/ovn-kubernetes | 7.0 | - | 2021-06-02 |
| CVE-2021-20306 | Red Hat BPMN Editor Security Vulnerability — Business-central | 4.3 | - | 2021-06-01 |
| CVE-2020-1729 | SmallRye Security Vulnerability — SmallRye | 4.4 | - | 2021-05-28 |
| CVE-2021-21552 | Dell Wyse Management Suite Security Vulnerability — Wyse Windows Embedded (WES) | 5.2 | Medium | 2021-05-21 |
| CVE-2021-24278 | Redirection for Contact Form 7 < 2.3.4 - Unauthenticated Arbitrary Nonce Generation — Redirection for Contact Form 7 | 7.5 | - | 2021-05-14 |
| CVE-2021-24279 | Redirection for Contact Form 7 < 2.3.4 - Authenticated Arbitrary Plugin Installation — Redirection for Contact Form 7 | 6.5 | - | 2021-05-14 |
| CVE-2021-24281 | Redirection for Contact Form 7 < 2.3.4 - Authenticated Arbitrary Post Deletion — Redirection for Contact Form 7 | 6.5 | - | 2021-05-14 |
| CVE-2021-24282 | Redirection for Contact Form 7 < 2.3.4 - Unprotected AJAX Actions — Redirection for Contact Form 7 | 6.3 | - | 2021-05-14 |
| CVE-2021-3457 | Foreman Security Vulnerability — smart_proxy_shellhooks | 7.3 | - | 2021-05-12 |
| CVE-2021-24244 | WPBakery Page Builder Clipboard < 4.5.8 - Unauthorised Arbitrary License Options Update — WPBakery Page Builder (Visual Composer) Clipboard | 6.5 | - | 2021-05-05 |
| CVE-2021-29439 | Plugins can be installed with minimal admin privileges — grav-plugin-admin | 7.2 | High | 2021-04-13 |
| CVE-2021-29437 | Account compromise by man-in-the-middle attack — ScratchOAuth2 | 8.0 | High | 2021-04-13 |
| CVE-2021-29943 | Apache Solr Unprivileged users may be able to perform unauthorized read/write to collections — Apache Solr | 9.1 | - | 2021-04-13 |
| CVE-2020-36287 | Atlassian JIRA Server and Atlassian JIRA Data Center Security Vulnerability — Jira Server | 5.3 | - | 2021-04-09 |
| CVE-2021-24207 | WP Page Builder < 1.2.4 - Insecure default configuration Allows Subscribers Editing Access to Posts — WP Page Builder | 4.3 | - | 2021-04-05 |
| CVE-2020-36238 | Atlassian Jira Server and Data Center Security Vulnerability — Jira Server | 5.3 | - | 2021-04-01 |
| CVE-2021-21411 | Incorrect authorization in OAuth2-Proxy — oauth2-proxy | 5.5 | Medium | 2021-03-26 |
| CVE-2021-21389 | BuddyPress privilege escalation via REST API — BuddyPress | 8.1 | High | 2021-03-26 |

Vulnerabilities classified as CWE-863 (Incorrect Authorization) represent 1242 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.