CWE-862— Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.— MITRE CWE catalog
8,515 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-862page 51 of 171
- CVE-2023-42636MEDIUMCVSS 5.5EG 5.52023-11-01
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42637MEDIUMCVSS 5.5EG 5.52023-11-01
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42638MEDIUMCVSS 5.5EG 5.52023-11-01
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42639MEDIUMCVSS 5.5EG 5.52023-11-01
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42640MEDIUMCVSS 5.5EG 5.52023-11-01
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42641MEDIUMCVSS 5.5EG 5.52023-11-01
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42642MEDIUMCVSS 5.5EG 5.52023-11-01
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42643MEDIUMCVSS 5.5EG 5.52023-11-01
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42644MEDIUMCVSS 5.5EG 5.52023-11-01
In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42646MEDIUMCVSS 5.5EG 5.52023-11-01
In Ifaa service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42648MEDIUMCVSS 5.5EG 5.52023-11-01
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42650MEDIUMCVSS 5.5EG 5.52023-11-01
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42651MEDIUMCVSS 5.5EG 5.52023-11-01
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42652MEDIUMCVSS 5.5EG 5.52023-11-01
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42654MEDIUMCVSS 5.5EG 5.52023-11-01
In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42655MEDIUMCVSS 6.7EG 6.72023-11-01
In sim service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed
- CVE-2023-42671MEDIUMCVSS 5.5EG 5.52023-12-04
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42672MEDIUMCVSS 5.5EG 5.52023-12-04
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42673MEDIUMCVSS 5.5EG 5.52023-12-04
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42674MEDIUMCVSS 5.5EG 5.52023-12-04
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42675MEDIUMCVSS 5.5EG 5.52023-12-04
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42676MEDIUMCVSS 5.5EG 5.52023-12-04
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42677MEDIUMCVSS 5.5EG 5.52023-12-04
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42678MEDIUMCVSS 5.5EG 5.52023-12-04
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42681HIGHCVSS 7.8EG 7.82023-12-04
In ion service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
- CVE-2023-42685HIGHCVSS 7.8EG 7.82023-12-04
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
- CVE-2023-42686HIGHCVSS 7.8EG 7.82023-12-04
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
- CVE-2023-42687HIGHCVSS 7.8EG 7.82023-12-04
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
- CVE-2023-42688HIGHCVSS 7.8EG 7.82023-12-04
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
- CVE-2023-42689HIGHCVSS 7.8EG 7.82023-12-04
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
- CVE-2023-4269MEDIUMCVSS 4.3EG 4.32023-09-04
The User Activity Log WordPress plugin before 1.6.6 lacks proper authorisation when exporting its activity logs, allowing any authenticated users, such as subscriber to perform such action and retrieve PII such as email addresses.
- CVE-2023-42690HIGHCVSS 7.8EG 7.82023-12-04
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
- CVE-2023-42691HIGHCVSS 7.8EG 7.82023-12-04
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
- CVE-2023-42692HIGHCVSS 7.8EG 7.82023-12-04
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
- CVE-2023-42693HIGHCVSS 7.8EG 7.82023-12-04
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
- CVE-2023-42694HIGHCVSS 7.8EG 7.82023-12-04
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
- CVE-2023-42695HIGHCVSS 7.8EG 7.82023-12-04
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
- CVE-2023-42696HIGHCVSS 7.8EG 7.82023-12-04
In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
- CVE-2023-42697MEDIUMCVSS 5.5EG 5.52023-12-04
In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42698MEDIUMCVSS 5.5EG 5.52023-12-04
In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42699MEDIUMCVSS 5.5EG 5.52023-12-04
In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42700MEDIUMCVSS 5.5EG 5.52023-12-04
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42701MEDIUMCVSS 5.5EG 5.52023-12-04
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42702MEDIUMCVSS 5.5EG 5.52023-12-04
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42703MEDIUMCVSS 5.5EG 5.52023-12-04
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42704MEDIUMCVSS 5.5EG 5.52023-12-04
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42705MEDIUMCVSS 5.5EG 5.52023-12-04
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42706MEDIUMCVSS 5.5EG 5.52023-12-04
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42707MEDIUMCVSS 5.5EG 5.52023-12-04
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
- CVE-2023-42708MEDIUMCVSS 5.5EG 5.52023-12-04
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
Map vulnerabilities like CWE-862 to your infrastructure
EchelonGraph correlates every CVE — across CWE-862 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →