VYPR

CWE-285

Improper Authorization

Class · Draft · Likelihood: High

Description

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-1 · CAPEC-104 · CAPEC-127 · CAPEC-13 · CAPEC-17 · CAPEC-39 · CAPEC-402 · CAPEC-45 · CAPEC-5 · CAPEC-51 · CAPEC-59 · CAPEC-60 · CAPEC-647 · CAPEC-668 · CAPEC-76 · CAPEC-77 · CAPEC-87

CVEs mapped to this weakness (812)

page 1 of 41
  • CVE-2026-33105 · Critical · Apr 3, 2026
    risk 0.65 · cvss 10.0 · epss 0.01

    Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2026-32213 · Critical · Apr 3, 2026
    risk 0.65 · cvss 10.0 · epss 0.01

    Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2016-5788 · Critical · Nov 25, 2016
    risk 0.65 · cvss 10.0 · epss 0.02

    General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via unspecified vectors.

  • CVE-2026-30496 · Critical · May 7, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control of the device. The API supports both reading configuration (74 endpoints) and writing/modifying settings including…

  • CVE-2025-31255 · Critical · Sep 15, 2025
    risk 0.64 · cvss 9.8 · epss 0.01

    An authorization issue was addressed with improved state management. This issue is fixed in iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, watchOS 26. An app may be able to access sensitive user data.

  • CVE-2025-7778 · Critical · Aug 15, 2025
    risk 0.64 · cvss 9.8 · epss 0.01

    The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to insufficient authorization and improper path validation within the delete_files() function in all versions up to, and including, 1.6.12. This makes it possible for unauthenticated attackers to…

  • CVE-2025-4631 · Critical · May 31, 2025
    risk 0.64 · cvss 9.8 · epss 0.01

    The Profitori plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the stocktend_object endpoint in versions 2.0.6.0 to 2.1.1.3. This makes it possible to trigger the save_object_as_user() function for objects whose '_datatype' is set…

  • CVE-2025-3918 · Critical · May 3, 2025
    risk 0.64 · cvss 9.8 · epss 0.00

    The Job Listings plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization within the register_action() function in versions 0.1 to 0.1.1. The plugin’s registration handler reads the client-supplied $_POST['user_role'] and passes it directly to…

  • CVE-2025-2345 · Critical · Mar 16, 2025
    risk 0.64 · cvss 9.8 · epss 0.01

    A vulnerability, which was classified as very critical, was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. This affects an unknown part. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The vendor was contacted early…

  • CVE-2024-28285 · Critical · May 14, 2024
    risk 0.64 · cvss 9.8 · epss 0.01

    A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate privileges.

  • CVE-2017-16743 · Critical · Jan 12, 2018
    risk 0.64 · cvss 9.8 · epss 0.03

    An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. A remote unauthenticated attacker may be able to craft special HTTP requests allowing an attacker to bypass web-service…

  • CVE-2017-6044 · Critical · Jun 30, 2017
    risk 0.64 · cvss 9.8 · epss 0.04

    An Improper Authorization issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. Several files and directories can be accessed without authentication, which may allow a remote attacker to…

  • CVE-2016-0922 · Critical · Sep 18, 2016
    risk 0.64 · cvss 9.8 · epss 0.01

    EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force guessing attack.

  • CVE-2016-6825 · Critical · Sep 7, 2016
    risk 0.64 · cvss 9.8 · epss 0.02

    Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, and RH2288H V3 servers with software before V100R003C00SPC515 allow remote…

  • CVE-2016-5799 · Critical · Aug 24, 2016
    risk 0.64 · cvss 9.8 · epss 0.04

    Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do not properly restrict authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.

  • CVE-2026-33823 · Critical · May 7, 2026
    risk 0.62 · cvss 9.6 · epss 0.01

    Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network.

  • CVE-2017-11398 · High · Jan 19, 2018
    risk 0.61 · cvss 8.8 · epss 0.08

    A session hijacking via log disclosure vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an unauthenticated attacker to hijack active user sessions to perform authenticated requests on a vulnerable system.

  • CVE-2026-45052 · critical · Jun 24, 2026
    risk 0.59 · cvss n/a · epss n/a

    Summary / Description: An Improper Authorization (CWE-285) issue in OpenAM's Liberty Web Services SOAP receiver allows an unauthenticated remote attacker to write persistent entries into the Liberty Discovery store on any user's LDAP entry, and into a shared root-realm…

  • CVE-2026-48579 · Critical · Jun 4, 2026
    risk 0.59 · cvss 9.1 · epss 0.01

    Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network.

  • CVE-2019-19723 · critical · Sep 4, 2020
    risk 0.59 · cvss n/a · epss 0.00

    All versions of `passport-cognito` are vulnerable to Improper Authorization. The package fails to properly scope the variables containing authorization information, such as access token, refresh token and ID token. This causes a race condition where simultaneous authenticated…