VYPR

CWE-285

Improper Authorization

Abstraction: Class · Status: Draft · Likelihood of exploit: High

Description

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
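The description above defines the weakness class. As an added example that is not part of this page or of any listed product's code, the Python below shows two shapes the weakness commonly takes, the same shapes several entries further down the page describe (a resource ID passed by the user with no permission check, and a principal taken from an unauthenticated request body). Each vulnerable handler sits beside a hardened one that binds the decision to the authenticated session and denies by default. All names, records and the policy are hypothetical.

```python
"""Illustration of CWE-285 (improper authorization).

Two handler pairs: a vulnerable version that trusts a client-supplied
identifier, and a hardened version that binds the decision to the
authenticated principal and denies by default. All names, records and
the policy are hypothetical (not any real product's code).
"""
import secrets
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Session:
    """Authenticated principal, as established by the auth layer."""
    user_id: str
    roles: frozenset = frozenset()


@dataclass
class Document:
    doc_id: str
    owner_id: str
    body: str


class Forbidden(Exception):
    pass


class Unauthenticated(Exception):
    pass


# Constructed sample state: two users, one document each, no API keys yet.
DOCUMENTS = {
    "doc-1": Document("doc-1", "alice", "alice's notes"),
    "doc-2": Document("doc-2", "bob", "bob's payroll"),
}
API_KEYS: dict = {}  # user_id -> list of issued keys


# --- Pattern 1: object reference from the request, no ownership check ---

def get_document_vulnerable(session: Session, doc_id: str) -> str:
    """Authentication happened, authorization did not: any logged-in user
    can read any document whose id they know or can guess."""
    return DOCUMENTS[doc_id].body


def is_authorized(session: Session, action: str, doc: Document) -> bool:
    """Object-level policy. Anything not explicitly allowed is denied."""
    if "admin" in session.roles:
        return True
    if action in ("read", "write") and doc.owner_id == session.user_id:
        return True
    return False


def get_document(session: Session, doc_id: str) -> str:
    doc = DOCUMENTS.get(doc_id)
    # Missing and forbidden get the same answer so the endpoint does not
    # double as an oracle for which ids exist.
    if doc is None or not is_authorized(session, "read", doc):
        raise Forbidden(doc_id)
    return doc.body


# --- Pattern 2: principal taken from the request body when no session ---

def create_api_key_vulnerable(session: Optional[Session], body: dict) -> tuple:
    """Falls back to a caller-chosen user id, so an unauthenticated request
    can mint a key for any account."""
    user_id = session.user_id if session else body["userId"]
    key = secrets.token_hex(16)
    API_KEYS.setdefault(user_id, []).append(key)
    return user_id, key


def create_api_key(session: Optional[Session], body: dict) -> tuple:
    """The principal comes only from the session; a body-supplied target is
    honoured only when the policy says this caller may act for it."""
    if session is None:
        raise Unauthenticated()
    target = body.get("userId", session.user_id)
    if target != session.user_id and "admin" not in session.roles:
        raise Forbidden(target)
    key = secrets.token_hex(16)
    API_KEYS.setdefault(target, []).append(key)
    return target, key


if __name__ == "__main__":
    alice = Session("alice")
    print(get_document_vulnerable(alice, "doc-2"))  # another user's document leaks
    try:
        get_document(alice, "doc-2")
    except Forbidden as exc:
        print("denied:", exc)
    print(create_api_key_vulnerable(None, {"userId": "bob"})[0])  # key minted with no login
    try:
        create_api_key(None, {"userId": "bob"})
    except Unauthenticated:
        print("denied: no session")
```

The point the two pairs share: the vulnerable handlers treat "the request named a valid object or user" as sufficient, while the hardened ones ask a separate question, whether this authenticated actor may perform this action on this object, and answer no unless a rule says otherwise. Returning the same error for a missing and a forbidden object is a deliberate choice so the endpoint cannot be used to enumerate valid IDs.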

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-1 · CAPEC-104 · CAPEC-127 · CAPEC-13 · CAPEC-17 · CAPEC-39 · CAPEC-402 · CAPEC-45 · CAPEC-5 · CAPEC-51 · CAPEC-59 · CAPEC-60 · CAPEC-647 · CAPEC-668 · CAPEC-76 · CAPEC-77 · CAPEC-87

CVEs mapped to this weakness (812)

page 3 of 41
  • CVE-2016-7071 · High · Sep 10, 2018
    risk 0.57 · cvss 8.8 · epss 0.02

    It was found that CloudForms before 5.6.2.2 and 5.7.0.7 did not properly apply permission controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM.

  • CVE-2017-2589 · High · Jul 26, 2018
    risk 0.57 · cvss 8.7 · epss 0.01

    It was discovered that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same…

  • CVE-2017-0926 · High · Mar 21, 2018
    risk 0.57 · cvss 8.8 · epss 0.01

    Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the Oauth sign-in component resulting in unauthorized user login.

  • CVE-2017-2689 · High · Mar 29, 2017
    risk 0.57 · cvss 8.8 · epss 0.01

    Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings.

  • CVE-2016-9217 · High · Dec 26, 2016
    risk 0.57 · cvss 8.8 · epss 0.01

    A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers could allow an unauthenticated, remote attacker to connect to the database used by these products. More Information: CSCus99394. Known Affected Releases: 7.3(0)ZN(0.99).

  • CVE-2016-1711 · High · Jul 23, 2016
    risk 0.57 · cvss 8.8 · epss 0.01

    WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

  • CVE-2016-1710 · High · Jul 23, 2016
    risk 0.57 · cvss 8.8 · epss 0.01

    The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not prevent window creation by a deferred frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

  • CVE-2016-1906 · Critical · Feb 3, 2016
    risk 0.57 · cvss 9.8 · epss 0.05

    Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.

  • CVE-2016-5676 · High · Aug 31, 2016
    risk 0.56 · cvss 7.5 · epss 0.54

    cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator password via a cmd=loaddefconfig action.

  • CVE-2025-61928 · Critical · Oct 9, 2025
    risk 0.55 · cvss n/a · epss 0.18

    Better Auth is an authentication and authorization library for TypeScript. In versions prior to 1.3.26, unauthenticated attackers can create or modify API keys for any user by passing that user's id in the request body to the `api/auth/api-key/create` route. `session?.user ??…

  • CVE-2025-30215 · Critical · Apr 16, 2025
    risk 0.55 · cvss 9.6 · epss 0.01

    NATS-Server is a High-Performance server for NATS.io, the cloud and edge native messaging system. In versions starting from 2.2.0 but prior to 2.10.27 and 2.11.1, the management of JetStream assets happens with messages in the $JS. subject namespace in the system account; this…

  • CVE-2025-29922 · Critical · Mar 20, 2025
    risk 0.55 · cvss 9.6 · epss 0.00

    kcp is a Kubernetes-like control plane for form-factors and use-cases beyond Kubernetes and container workloads. Prior to 0.26.3, the identified vulnerability allows creating or deleting an object via the APIExport VirtualWorkspace in any arbitrary target workspace for…

  • CVE-2026-33950 · Critical · Apr 2, 2026
    risk 0.54 · cvss 9.4 · epss 0.00

    Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.24.0-beta.4, there is a privilege escalation vulnerability by Admin Role Injection via /enableSecurity. An unauthenticated attacker can gain full Administrator access to the SignalK…

  • CVE-2026-32916 · Critical · Mar 31, 2026
    risk 0.54 · cvss 9.4 · epss 0.00

    OpenClaw versions 2026.3.7 before 2026.3.11 contain an authorization bypass vulnerability where plugin subagent routes execute gateway methods through a synthetic operator client with broad administrative scopes. Remote unauthenticated requests to plugin-owned routes can invoke…

  • CVE-2025-3014 · High · Mar 31, 2025
    risk 0.54 · cvss n/a · epss 0.00

    Insecure Direct Object References (IDOR) in access control in Tracking 2.1.4 on NightWolf Penetration Testing allow an attacker to access objects by manipulating request parameters or object references.

  • CVE-2025-3013 · High · Mar 31, 2025
    risk 0.54 · cvss n/a · epss 0.00

    Insecure Direct Object References (IDOR) in access control in Customer Portal before 2.1.4 on NightWolf Penetration Testing allow an attacker to access objects by manipulating request parameters or object references.

  • CVE-2026-45503 · High · Jun 9, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    Server-side request forgery (SSRF) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.

  • CVE-2026-46484 · High · Jun 8, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3…

  • CVE-2026-9397 · High · May 24, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    A weakness has been identified in Besen BS20 EV Charging Station up to 20260426. Affected by this issue is some unknown functionality of the component OTA Update Installation Handler. This manipulation causes improper authorization. The attack is possible to be carried out…

  • CVE-2025-11521 · High · Nov 11, 2025
    risk 0.53 · cvss 8.1 · epss 0.00

    The Astra Security Suite – Firewall & Malware Scan plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient validation of remote URLs for zip downloads and an easily guessable key in all versions up to, and including, 0.2. This makes it possible for…