VYPR

CWE-863

Incorrect Authorization

Abstraction: Class · Status: Incomplete · Likelihood: High

Description

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Hierarchy (View 1000)

CVEs mapped to this weakness (1,530)

page 14 of 77
  • CVE-2020-12691 · High · May 7, 2020
    risk 0.51 · cvss 8.8 · epss 0.05

    An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to…

  • CVE-2018-9492 · High · Oct 2, 2018
    risk 0.51 · cvss 7.8 · epss 0.00

    In checkGrantUriPermissionLocked of ActivityManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:…

  • CVE-2018-0337 · High · Jun 21, 2018
    risk 0.51 · cvss 7.8 · epss 0.00

    A vulnerability in the role-based access-checking mechanisms of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected device. The vulnerability exists because the affected software lacks proper input and validation checks…

  • CVE-2018-0338 · High · Jun 7, 2018
    risk 0.51 · cvss 7.8 · epss 0.00

    A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System (UCS) Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software lacks proper…

  • CVE-2017-4946 · High · Jan 5, 2018
    risk 0.51 · cvss 7.8 · epss 0.01

    The VMware V4H and V4PA desktop agents (6.x before 6.5.1) contain a privilege escalation vulnerability. Successful exploitation of this issue could result in a low privileged windows user escalating their privileges to SYSTEM.

  • CVE-2017-8192 · High · Nov 22, 2017
    risk 0.51 · cvss 7.8 · epss 0.00

    FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation.

  • CVE-2017-12261 · High · Nov 2, 2017
    risk 0.51 · cvss 7.8 · epss 0.00

    A vulnerability in the restricted shell of the Cisco Identity Services Engine (ISE) that is accessible via SSH could allow an authenticated, local attacker to run arbitrary CLI commands with elevated privileges. The vulnerability is due to incomplete input validation of the user…

  • CVE-2017-5618 · High · Mar 20, 2017
    risk 0.51 · cvss 7.8 · epss 0.01

    GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions.

  • CVE-2009-0034 · High · Jan 30, 2009
    risk 0.51 · cvss 7.8 · epss 0.00

    parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via…

  • CVE-2026-53843 · High · Jun 16, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    OpenClaw before 2026.5.26 contains an authorization bypass vulnerability where a surviving pairing-scoped device session can re-establish node token authority after revocation. Attackers with a paired device can regain WebSocket node-level access without renewed approval,…

  • CVE-2026-53828 · High · Jun 12, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command handling that allows authenticated senders to execute owner-only commands without proper policy enforcement. Attackers can trigger native command handling to bypass the configured…

  • CVE-2026-7387 · High · Jun 12, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 Mattermost fails to require role-management authorization when setting the scheme_admin flag on group syncable link and patch endpoints, which allows a user with group-link…

  • CVE-2026-53807 · High · Jun 11, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive callbacks that allows authenticated users to skip commands.allowFrom validation. Attackers can invoke affected callbacks to mark themselves as authorized senders before allowlist…

  • CVE-2026-46519 · High · Jun 11, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.6.0, mcp-server-kubernetes exposes three environment variables (ALLOW_ONLY_READONLY_TOOLS, ALLOW_ONLY_NON_DESTRUCTIVE_TOOLS, ALLOWED_TOOLS) documented as access…

  • CVE-2026-35674 · High · May 29, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    OpenClaw before 2026.5.18 contains a scope bypass vulnerability in the Gateway chat.send route that allows scoped clients to execute privileged commands. Attackers with operator.write scope can deliver commands through inherited external routes to bypass operator.approvals and…

  • CVE-2026-46823 · High · May 28, 2026
    risk 0.50 · cvss 7.7 · epss 0.00

    Vulnerability in the Oracle Public Sector Financials (International) product of Oracle E-Business Suite (component: Authorization). Supported versions that are affected are 12.2.6-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via…

  • CVE-2026-44832 · High · May 26, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    Snipe-IT is an IT asset/license management system. Prior to 8.4.1, an authenticated user with only users.edit permission can escalate their own privileges to admin by sending a PATCH request to /api/v1/users/{id} with permissions[admin]=1. The API controller only strips the…

  • CVE-2026-8350 · High · May 21, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulk_user_assignment.php which can lead to privilege escalation to Administrative Group. Any authenticated user with access to the bulk user assignment dashboard page can add any user email to any group…

  • CVE-2026-47102 · High · May 21, 2026
    risk 0.50 · cvss 8.8 · epss 0.01

    LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their…

  • CVE-2026-47101 · High · May 21, 2026
    risk 0.50 · cvss 8.8 · epss 0.01

    LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that their role does not permit. When generating a key, the allowed_routes field is stored without verifying that the specified routes fall within the user's own permissions.…