CWE-284
Improper Access Control
Description
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Hierarchy (View 1000)
Parents
none
Children
- CWE-1191
- CWE-1220
- CWE-1224
- CWE-1231
- CWE-1233
- CWE-1252
- CWE-1257
- CWE-1259
- CWE-1260
- CWE-1262
- CWE-1263
- CWE-1267
- CWE-1270
- CWE-1274
- CWE-1276
- CWE-1280
- CWE-1283
- CWE-1290
- CWE-1292
- CWE-1294
- CWE-1296
- CWE-1304
- CWE-1311
- CWE-1312
- CWE-1313
- CWE-1315
- CWE-1316
- CWE-1317
- CWE-1320
- CWE-1323
- CWE-1334
- CWE-269
- CWE-282
- CWE-285
- CWE-286
- CWE-287
- CWE-346
- CWE-749
- CWE-923
Related attack patterns (CAPEC)
CAPEC-19 · CAPEC-441 · CAPEC-478 · CAPEC-479 · CAPEC-502 · CAPEC-503 · CAPEC-536 · CAPEC-546 · CAPEC-550 · CAPEC-551 · CAPEC-552 · CAPEC-556 · CAPEC-558 · CAPEC-562 · CAPEC-563 · CAPEC-564 · CAPEC-578
CVEs mapped to this weakness (1,923)
page 14 of 97| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-5273 | Hig | 0.57 | 8.8 | 0.01 | Sep 22, 2016 | The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the accessibility implementation in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code via a crafted web site. | |
| CVE-2016-5383 | Hig | 0.57 | 8.8 | 0.01 | Aug 26, 2016 | The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters." | |
| CVE-2016-0760 | Hig | 0.57 | 8.8 | 0.01 | Aug 19, 2016 | Multiple incomplete blacklist vulnerabilities in Apache Sentry before 1.7.0 allow remote authenticated users to execute arbitrary code via the (1) reflect, (2) reflect2, or (3) java_method Hive builtin functions. | |
| CVE-2016-6258 | Hig | 0.57 | 8.8 | 0.00 | Aug 2, 2016 | The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries. | |
| CVE-2016-0315 | Hig | 0.57 | 8.8 | 0.00 | Jul 8, 2016 | The Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 maintain session ID validity after a logout action, which allows remote authenticated users to hijack sessions by leveraging an unattended workstation. | |
| CVE-2016-0906 | Hig | 0.57 | 8.8 | 0.00 | Jul 6, 2016 | The web-restore interface in Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar through 7.1.2 and 7.2.x through 7.2.1 allows remote authenticated users to read or delete directories via a Linux backup-restore operation. | |
| CVE-2016-5101 | Hig | 0.57 | 8.8 | 0.01 | Jun 29, 2016 | Unspecified vulnerability in Opera Mail before 2016-02-16 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted e-mail message. | |
| CVE-2016-4813 | Hig | 0.57 | 8.8 | 0.00 | Jun 19, 2016 | NetCommons 2.4.2.1 and earlier allows remote authenticated secretariat (aka CLERK) users to gain privileges by creating a SYSTEM_ADMIN account. | |
| CVE-2016-2831 | Hig | 0.57 | 8.8 | 0.01 | Jun 13, 2016 | Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site. | |
| CVE-2016-2785 | Cri | 0.57 | 9.8 | 0.00 | Jun 10, 2016 | Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remote attackers to bypass intended auth.conf access restrictions by leveraging incorrect URL decoding. | |
| CVE-2016-4369 | Hig | 0.57 | 8.8 | 0.00 | Jun 8, 2016 | HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | |
| CVE-2016-1697 | Hig | 0.57 | 8.8 | 0.02 | Jun 5, 2016 | The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. | |
| CVE-2016-1696 | Hig | 0.57 | 8.8 | 0.01 | Jun 5, 2016 | The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | |
| CVE-2016-1676 | Hig | 0.57 | 8.8 | 0.01 | Jun 5, 2016 | extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.63 does not properly use prototypes, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | |
| CVE-2016-1675 | Hig | 0.57 | 8.8 | 0.01 | Jun 5, 2016 | Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp. | |
| CVE-2016-1672 | Hig | 0.57 | 8.8 | 0.01 | Jun 5, 2016 | The ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypass the Same Origin Policy via unspecified vectors. | |
| CVE-2016-1406 | Hig | 0.57 | 8.8 | 0.00 | May 25, 2016 | The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID CSCuy12409. | |
| CVE-2016-3728 | Hig | 0.57 | 8.8 | 0.02 | May 20, 2016 | Eval injection vulnerability in tftp_api.rb in the TFTP module in the Smart-Proxy in Foreman before 1.10.4 and 1.11.x before 1.11.2 allows remote attackers to execute arbitrary code via the PXE template type portion of the PATH_INFO to tftp/. | |
| CVE-2016-1668 | Hig | 0.57 | 8.8 | 0.01 | May 14, 2016 | The forEachForBinding function in WebKit/Source/bindings/core/v8/Iterable.h in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.102, uses an improper creation context, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. | |
| CVE-2016-1667 | Hig | 0.57 | 8.8 | 0.01 | May 14, 2016 | The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. |
- risk 0.57cvss 8.8epss 0.01
The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the accessibility implementation in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code via a crafted web site.
- risk 0.57cvss 8.8epss 0.01
The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters."
- risk 0.57cvss 8.8epss 0.01
Multiple incomplete blacklist vulnerabilities in Apache Sentry before 1.7.0 allow remote authenticated users to execute arbitrary code via the (1) reflect, (2) reflect2, or (3) java_method Hive builtin functions.
- risk 0.57cvss 8.8epss 0.00
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
- risk 0.57cvss 8.8epss 0.00
The Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 maintain session ID validity after a logout action, which allows remote authenticated users to hijack sessions by leveraging an unattended workstation.
- risk 0.57cvss 8.8epss 0.00
The web-restore interface in Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar through 7.1.2 and 7.2.x through 7.2.1 allows remote authenticated users to read or delete directories via a Linux backup-restore operation.
- risk 0.57cvss 8.8epss 0.01
Unspecified vulnerability in Opera Mail before 2016-02-16 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted e-mail message.
- risk 0.57cvss 8.8epss 0.00
NetCommons 2.4.2.1 and earlier allows remote authenticated secretariat (aka CLERK) users to gain privileges by creating a SYSTEM_ADMIN account.
- risk 0.57cvss 8.8epss 0.01
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site.
- risk 0.57cvss 9.8epss 0.00
Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remote attackers to bypass intended auth.conf access restrictions by leveraging incorrect URL decoding.
- risk 0.57cvss 8.8epss 0.00
HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
- risk 0.57cvss 8.8epss 0.02
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
- risk 0.57cvss 8.8epss 0.01
The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
- risk 0.57cvss 8.8epss 0.01
extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.63 does not properly use prototypes, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
- risk 0.57cvss 8.8epss 0.01
Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp.
- risk 0.57cvss 8.8epss 0.01
The ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypass the Same Origin Policy via unspecified vectors.
- risk 0.57cvss 8.8epss 0.00
The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID CSCuy12409.
- risk 0.57cvss 8.8epss 0.02
Eval injection vulnerability in tftp_api.rb in the TFTP module in the Smart-Proxy in Foreman before 1.10.4 and 1.11.x before 1.11.2 allows remote attackers to execute arbitrary code via the PXE template type portion of the PATH_INFO to tftp/.
- risk 0.57cvss 8.8epss 0.01
The forEachForBinding function in WebKit/Source/bindings/core/v8/Iterable.h in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.102, uses an improper creation context, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
- risk 0.57cvss 8.8epss 0.01
The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.