Falhas do tipo CWE-284
4.356 resultadosCVE-2020-7573—A CWE-284 Improper Access Control vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote atEPSS 1.4%CVE-2026-39339CRITICALChurchCRM has an API Authentication BypassEPSS 1.4%CVE-2018-17953HIGHpam_access does not handle netmask matches correctlyEPSS 1.3%CVE-2021-26627HIGHEDrhyme QCP 200W Information Exposure VulnerabilityEPSS 1.3%CVE-2021-21703HIGHPHP-FPM memory access in root process leading to privilege escalationEPSS 1.3%CVE-2018-19634—CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information.EPSS 1.3%CVE-2020-3186MEDIUMCisco Firepower Threat Defense Software Management Access List Bypass VulnerabilityEPSS 1.3%CVE-2021-41194CRITICALImproper Access Control in jupyterhub-firstuseauthenticatorEPSS 1.3%CVE-2019-5644CRITICALC4G BLIS Improper Access ControlEPSS 1.3%CVE-2019-5617CRITICALC4G BLIS Improper Access ControlEPSS 1.3%CVE-2017-2664MEDIUMCloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1 lacks RBAC controls on certain methods in the rails application portEPSS 1.3%CVE-2020-3564MEDIUMCisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Bypass VulnerabilityEPSS 1.3%CVE-2023-45744HIGHA data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU)EPSS 1.3%CVE-2020-25629—A vulnerability was found in Moodle where users with "Log in as" capability in a course context (typically, course managers) may gain accessEPSS 1.3%CVE-2020-7038HIGHAvaya Meetings Server Information Disclosure vulnerabilityEPSS 1.3%CVE-2021-1577CRITICALCisco Application Policy Infrastructure Controller Arbitrary File Read and Write VulnerabilityEPSS 1.3%CVE-2023-24320CRITICALAn access control issue in Axcora POS #0~gitf77ec09 allows unauthenticated attackers to execute arbitrary commands via unspecified vectors.EPSS 1.3%CVE-2020-7547—A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see securityEPSS 1.3%CVE-2022-27805CRITICALAn authentication bypass vulnerability exists in the GHOME control functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X anEPSS 1.3%CVE-2019-10200—A flaw was discovered in OpenShift Container Platform 4 where, by default, users with access to create pods also have the ability to schedulEPSS 1.3%