CWE-767
4 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-767page 1 of 1
- CVE-2016-8380HIGHCVSS 7.3EG 7.32018-04-05
The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.
- CVE-2020-26868HIGHCVSS 7.5EG 7.52020-10-12
ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability of an unauthorized user to modify information used to validate messages sent by legitimate web clients. This issue also affects …
- CVE-2024-34162MEDIUMCVSS 5.3EG 5.32024-11-26
The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP authentication to "SIMPLE", the device communicates with the LDAP server in clear-text. The LDAP passwor…
- CVE-2024-36463MEDIUMCVSS 6.5EG 6.52024-11-26
The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects.
Map vulnerabilities like CWE-767 to your infrastructure
EchelonGraph correlates every CVE — across CWE-767 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →