VYPR

CWE-673

External Influence of Sphere Definition

ClassDraft

Description

The product does not prevent the definition of control spheres from external actors.

Typically, a product defines its control sphere within the code itself, or through configuration by the product's administrator. In some cases, an external party can change the definition of the control sphere. This is typically a resultant weakness.

Hierarchy (View 1000)

Parents

Children

CVEs mapped to this weakness (2)

  • CVE-2025-30075LowSep 16, 2025
    risk 0.14cvss 2.2epss 0.00

    In Alludo MindManager before 25.0.208 on Windows, attackers could potentially execute code as other local users on the same machine if they could write DLL files to directories within victims' DLL search paths.

  • CVE-2024-43414Aug 27, 2024
    risk 0.00cvss epss 0.01

    Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Each team can own their slice of the graph independently, empowering them to deliver autonomously and incrementally. Instances of @apollo/query-planner >=2.0.0 and <2.8.5 are impacted by…