CWE-285
Improper Authorization
Description
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-1 · CAPEC-104 · CAPEC-127 · CAPEC-13 · CAPEC-17 · CAPEC-39 · CAPEC-402 · CAPEC-45 · CAPEC-5 · CAPEC-51 · CAPEC-59 · CAPEC-60 · CAPEC-647 · CAPEC-668 · CAPEC-76 · CAPEC-77 · CAPEC-87
CVEs mapped to this weakness (812)
page 35 of 41| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-5798 | 0.00 | — | 0.00 | Jun 12, 2024 | Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an invalid login to succeed… | |||
| CVE-2024-4146 | 0.00 | — | 0.01 | Jun 8, 2024 | In lunary-ai/lunary version v1.2.13, an incorrect authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access to. Specifically, the vulnerability is located in the `checkProjectAccess`… | |||
| CVE-2024-37154 | 0.00 | — | 0.00 | Jun 6, 2024 | Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. Users are able to delegate tokens that have not yet been vested. This affects employees and grantees who have funds managed via `ClawbackVestingAccount`. This affects 18.1.0 and earlier. | |||
| CVE-2024-5138 | — | 0.00 | — | 0.01 | May 31, 2024 | The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse command-line arguments, allowing an unprivileged user to trigger an authorised… | ||
| CVE-2024-31452 | 0.00 | — | 0.01 | Apr 16, 2024 | OpenFGA is a high-performance and flexible authorization/permission engine. Some end users of OpenFGA v1.5.0 or later are vulnerable to authorization bypass when calling Check or ListObjects APIs. You are very likely affected if your model involves exclusion (e.g. `a but not b`)… | |||
| CVE-2024-30260 | 0.00 | — | 0.01 | Apr 4, 2024 | Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for `fetch()`, but did not clear them for `undici.request()`. This vulnerability was patched in version(s) 5.28.4 and 6.11.1. | |||
| CVE-2024-29033 | 0.00 | — | 0.01 | Mar 20, 2024 | OAuthenticator provides plugins for JupyterHub to use common OAuth providers, as well as base classes for writing one's own Authenticators with any OAuth 2.0 provider. `GoogleOAuthenticator.hosted_domain` is used to restrict what Google accounts can be authorized access to a… | |||
| CVE-2024-27916 | 0.00 | — | 0.01 | Mar 6, 2024 | Minder is a software supply chain security platform. Prior to version 0.0.33, a Minder user can use the endpoints `GetRepositoryByName`, `DeleteRepositoryByName`, and `GetArtifactByName` to access any repository in the database, irrespective of who owns the repo and any… | |||
| CVE-2024-25108 | 0.00 | — | 0.01 | Feb 12, 2024 | Pixelfed is an open source photo sharing platform. When processing requests authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and moderator functionality of the… | |||
| CVE-2023-46942 | — | 0.00 | — | 0.01 | Jan 13, 2024 | Lack of authentication in NPM's package @evershop/evershop before version 1.0.0-rc.8, allows remote attackers to obtain sensitive information via improper authorization in GraphQL endpoints. | ||
| CVE-2023-48309 | 0.00 | — | 0.01 | Nov 20, 2023 | NextAuth.js provides authentication for Next.js. `next-auth` applications prior to version 4.24.5 that rely on the default Middleware authorization are affected by a vulnerability. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issued JWT from an… | |||
| CVE-2023-48241 | 0.00 | — | 0.73 | Nov 20, 2023 | XWiki Platform is a generic wiki platform. Starting in version 6.3-milestone-2 and prior to versions 14.10.15, 15.5.1, and 15.6RC1, the Solr-based search suggestion provider that also duplicates as generic JavaScript API for search results in XWiki exposes the content of all… | |||
| CVE-2023-47037 | 0.00 | — | 0.01 | Nov 12, 2023 | We failed to apply CVE-2023-40611 in 2.7.1 and this vulnerability was marked as fixed then. Apache Airflow, versions before 2.7.3, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting… | |||
| CVE-2023-47109 | 0.00 | — | 0.01 | Nov 8, 2023 | PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project… | |||
| CVE-2023-5654 | — | 0.00 | — | 0.00 | Oct 19, 2023 | The React Developer Tools extension registers a message listener with window.addEventListener('message', ) in a content script that is accessible to any webpage that is active in the browser. Within the listener is code that requests a URL derived from the received… | ||
| CVE-2023-38220 | 0.00 | — | 0.01 | Oct 13, 2023 | Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Authorization vulnerability that could lead in a security feature bypass in a way that an attacker could access unauthorised… | |||
| CVE-2023-42453 | 0.00 | — | 0.01 | Sep 26, 2023 | Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This… | |||
| CVE-2023-3518 | 0.00 | — | 0.00 | Aug 9, 2023 | HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1. | |||
| CVE-2023-36826 | 0.00 | — | 0.01 | Jul 25, 2023 | Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a… | |||
| CVE-2023-3574 | — | 0.00 | — | 0.00 | Jul 10, 2023 | Improper Authorization in GitHub repository pimcore/customer-data-framework prior to 3.4.1. |
- CVE-2024-5798Jun 12, 2024risk 0.00cvss —epss 0.00
Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing an invalid login to succeed…
- CVE-2024-4146Jun 8, 2024risk 0.00cvss —epss 0.01
In lunary-ai/lunary version v1.2.13, an incorrect authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access to. Specifically, the vulnerability is located in the `checkProjectAccess`…
- CVE-2024-37154Jun 6, 2024risk 0.00cvss —epss 0.00
Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. Users are able to delegate tokens that have not yet been vested. This affects employees and grantees who have funds managed via `ClawbackVestingAccount`. This affects 18.1.0 and earlier.
- CVE-2024-5138May 31, 2024risk 0.00cvss —epss 0.01
The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse command-line arguments, allowing an unprivileged user to trigger an authorised…
- CVE-2024-31452Apr 16, 2024risk 0.00cvss —epss 0.01
OpenFGA is a high-performance and flexible authorization/permission engine. Some end users of OpenFGA v1.5.0 or later are vulnerable to authorization bypass when calling Check or ListObjects APIs. You are very likely affected if your model involves exclusion (e.g. `a but not b`)…
- CVE-2024-30260Apr 4, 2024risk 0.00cvss —epss 0.01
Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for `fetch()`, but did not clear them for `undici.request()`. This vulnerability was patched in version(s) 5.28.4 and 6.11.1.
- CVE-2024-29033Mar 20, 2024risk 0.00cvss —epss 0.01
OAuthenticator provides plugins for JupyterHub to use common OAuth providers, as well as base classes for writing one's own Authenticators with any OAuth 2.0 provider. `GoogleOAuthenticator.hosted_domain` is used to restrict what Google accounts can be authorized access to a…
- CVE-2024-27916Mar 6, 2024risk 0.00cvss —epss 0.01
Minder is a software supply chain security platform. Prior to version 0.0.33, a Minder user can use the endpoints `GetRepositoryByName`, `DeleteRepositoryByName`, and `GetArtifactByName` to access any repository in the database, irrespective of who owns the repo and any…
- CVE-2024-25108Feb 12, 2024risk 0.00cvss —epss 0.01
Pixelfed is an open source photo sharing platform. When processing requests authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and moderator functionality of the…
- CVE-2023-46942Jan 13, 2024risk 0.00cvss —epss 0.01
Lack of authentication in NPM's package @evershop/evershop before version 1.0.0-rc.8, allows remote attackers to obtain sensitive information via improper authorization in GraphQL endpoints.
- CVE-2023-48309Nov 20, 2023risk 0.00cvss —epss 0.01
NextAuth.js provides authentication for Next.js. `next-auth` applications prior to version 4.24.5 that rely on the default Middleware authorization are affected by a vulnerability. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issued JWT from an…
- CVE-2023-48241Nov 20, 2023risk 0.00cvss —epss 0.73
XWiki Platform is a generic wiki platform. Starting in version 6.3-milestone-2 and prior to versions 14.10.15, 15.5.1, and 15.6RC1, the Solr-based search suggestion provider that also duplicates as generic JavaScript API for search results in XWiki exposes the content of all…
- CVE-2023-47037Nov 12, 2023risk 0.00cvss —epss 0.01
We failed to apply CVE-2023-40611 in 2.7.1 and this vulnerability was marked as fixed then. Apache Airflow, versions before 2.7.3, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting…
- CVE-2023-47109Nov 8, 2023risk 0.00cvss —epss 0.01
PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project…
- CVE-2023-5654Oct 19, 2023risk 0.00cvss —epss 0.00
The React Developer Tools extension registers a message listener with window.addEventListener('message', ) in a content script that is accessible to any webpage that is active in the browser. Within the listener is code that requests a URL derived from the received…
- CVE-2023-38220Oct 13, 2023risk 0.00cvss —epss 0.01
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Authorization vulnerability that could lead in a security feature bypass in a way that an attacker could access unauthorised…
- CVE-2023-42453Sep 26, 2023risk 0.00cvss —epss 0.01
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This…
- CVE-2023-3518Aug 9, 2023risk 0.00cvss —epss 0.00
HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1.
- CVE-2023-36826Jul 25, 2023risk 0.00cvss —epss 0.01
Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a…
- CVE-2023-3574Jul 10, 2023risk 0.00cvss —epss 0.00
Improper Authorization in GitHub repository pimcore/customer-data-framework prior to 3.4.1.