CVE-2023-46819

MEDIUM Year: 2023
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-306
View all →

Vulnerability Description

Missing Authentication in Apache Software Foundation Apache OFBiz when using the Solr plugin. This issue affects Apache OFBiz: before 18.12.09. Users are recommended to upgrade to version 18.12.09

Related Vulnerabilities

CVE-2011-4190

MEDIUM
CVSS:5.3(Medium)

The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version 2012-01-20. This is similar to CVE-2011-3588, but different in tha...

CWE-3062011

CVE-2017-15123

MEDIUM
CVSS:5.3(Medium)

A flaw was found in the CloudForms web interface, versions 5.8 - 5.10, where the RSS feed URLs are not properly restricted to authenticated users only. An attacker could use this flaw to view potentia...

CWE-3062017

CVE-2018-1501

MEDIUM
CVSS:5.3(Medium)

IBM Security Guardium 10.5, 10.6, and 11.0 could allow an unauthorized user to obtain sensitive information due to missing security controls. IBM X-Force ID: 141226.

CWE-3062018

CVE-2018-1757

MEDIUM
CVSS:5.3(Medium)

IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 could allow an attacker to obtain sensitive information due to missing authentication in IGI for the survey application. IBM X-Force...

CWE-3062018

CVE-2018-20507

MEDIUM
CVSS:5.3(Medium)

An issue was discovered in GitLab Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control.

CWE-3062018

CVE-2019-0312

MEDIUM
CVSS:5.3(Medium)

Several web pages provided SAP NetWeaver Process Integration (versions: SAP_XIESR: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 and SAP_XITOOL: 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50) are not password pro...

CWE-3062019