CWE-863
Incorrect Authorization
Description
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Hierarchy (View 1000)
CVEs mapped to this weakness (1,530)
page 25 of 77| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-3272 | Med | 0.44 | — | 0.00 | May 7, 2025 | Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability could allow authenticated users to change their password without providing their old password. This issue affects Operations Bridge Manager: 24.2, 24.4. | ||
| CVE-2024-7039 | Med | 0.44 | 6.7 | 0.01 | Mar 20, 2025 | In open-webui/open-webui version v0.3.8, there is an improper privilege management vulnerability. The application allows an attacker, acting as an admin, to delete other administrators via the API endpoint `http://0.0.0.0:8080/api/v1/users/{uuid_administrator}`. This action is… | ||
| CVE-2024-39328 | Med | 0.44 | 6.8 | 0.00 | Feb 18, 2025 | Insecure Permissions in Atos Eviden IDRA and IDCA before 2.7.0. A highly trusted role (Config Admin) could exceed their configuration privileges in a multi-partition environment and access some confidential data. Data integrity and availability is not at risk. | ||
| CVE-2024-54916 | Med | 0.44 | 6.8 | 0.00 | Feb 11, 2025 | An issue in the SharedConfig class of Telegram Android APK v.11.7.0 allows a physically proximate attacker to bypass authentication and escalate privileges by manipulating the return value of the checkPasscode method. | ||
| CVE-2025-24401 | — | Med | 0.44 | 6.8 | 0.00 | Jan 22, 2025 | Jenkins Folder-based Authorization Strategy Plugin 217.vd5b_18537403e and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional permissions, like Overall/Manage) to access functionality… | |
| CVE-2024-48911 | — | Hig | 0.44 | 7.8 | 0.00 | Oct 14, 2024 | OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its config file. Prior to version 0.9.4, where the config file is stored in an unprivileged user directory but the daemon is executed by root, it’s possible for the unprivileged user to change… | |
| CVE-2024-3331 | Med | 0.44 | 6.8 | 0.00 | Jun 27, 2024 | Vulnerability in Spotfire Spotfire Enterprise Runtime for R - Server Edition, Spotfire Spotfire Statistics Services, Spotfire Spotfire Analyst, Spotfire Spotfire Desktop, Spotfire Spotfire Server allows The impact of this vulnerability depends on the privileges of the user… | ||
| CVE-2023-4107 | Med | 0.44 | 6.7 | 0.00 | Aug 11, 2023 | Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name. | ||
| CVE-2021-39234 | — | Med | 0.44 | 6.8 | 0.01 | Nov 19, 2021 | In Apache Ozone versions prior to 1.2.0, Authenticated users knowing the ID of an existing block can craft specific request allowing access those blocks, bypassing other security checks like ACL. | |
| CVE-2021-28164 | Med | 0.44 | 5.3 | 0.82 | Apr 1, 2021 | In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the… | ||
| CVE-2018-7929 | Med | 0.44 | 6.8 | 0.00 | Sep 18, 2018 | Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. An attacker could unlock and use the phone through certain operations. | ||
| CVE-2017-1233 | Med | 0.44 | 6.7 | 0.00 | Jan 31, 2018 | IBM Remote Control v9 could allow a local user to use the component to replace files to which he does not have write access and which he can cause to be executed with Local System or root privileges. IBM X-Force ID: 123912. | ||
| CVE-2017-16858 | Med | 0.44 | 6.8 | 0.01 | Jan 31, 2018 | The 'crowd-application' plugin module (notably used by the Google Apps plugin) in Atlassian Crowd from version 1.5.0 before version 3.1.2 allowed an attacker to impersonate a Crowd user in REST requests by being able to authenticate to a directory bound to an application using… | ||
| CVE-2017-12114 | Med | 0.44 | 6.8 | 0.01 | Jan 19, 2018 | An exploitable improper authorization vulnerability exists in admin_peers API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send… | ||
| CVE-2026-46717 | Hig | 0.43 | 7.7 | 0.00 | Jun 12, 2026 | Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.8, nezha's dashboard supports two user roles: RoleAdmin (Role==0) and RoleMember (Role==1). The notification routes POST /api/v1/notification… | ||
| CVE-2026-49823 | Hig | 0.43 | 7.7 | 0.00 | Jun 10, 2026 | Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were… | ||
| CVE-2026-42438 | Hig | 0.43 | 7.7 | 0.00 | May 5, 2026 | OpenClaw versions 2026.4.9 before 2026.4.10 contain a sender policy bypass vulnerability in the outbound host-media attachment read helper that allows unauthorized local file disclosure. Attackers with denied read access via toolsBySender or group policy can trigger host-media… | ||
| CVE-2026-41068 | Hig | 0.43 | 7.7 | 0.00 | Apr 24, 2026 | Kyverno is a policy engine designed for cloud native platform engineering teams. The patch for CVE-2026-22039 fixed cross-namespace privilege escalation in Kyverno's `apiCall` context by validating the `URLPath` field. However, the ConfigMap context loader has the identical… | ||
| CVE-2026-26274 | — | Med | 0.43 | 6.6 | 0.00 | Apr 21, 2026 | October is a Content Management System (CMS) and web platform. Prior to 3.7.14 and 4.1.10, a vulnerability was identified in the Twig sandbox security policy that allowed database write operations when cms.safe_mode is enabled. Backend users with Developer permissions could use… | |
| CVE-2026-33461 | Hig | 0.43 | 7.7 | 0.00 | Apr 8, 2026 | Incorrect Authorization (CWE-863) in Kibana can lead to information disclosure via Privilege Abuse (CAPEC-122). A user with limited Fleet privileges can exploit an internal API endpoint to retrieve sensitive configuration data, including private keys and authentication tokens,… |
- risk 0.44cvss —epss 0.00
Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability could allow authenticated users to change their password without providing their old password. This issue affects Operations Bridge Manager: 24.2, 24.4.
- risk 0.44cvss 6.7epss 0.01
In open-webui/open-webui version v0.3.8, there is an improper privilege management vulnerability. The application allows an attacker, acting as an admin, to delete other administrators via the API endpoint `http://0.0.0.0:8080/api/v1/users/{uuid_administrator}`. This action is…
- risk 0.44cvss 6.8epss 0.00
Insecure Permissions in Atos Eviden IDRA and IDCA before 2.7.0. A highly trusted role (Config Admin) could exceed their configuration privileges in a multi-partition environment and access some confidential data. Data integrity and availability is not at risk.
- risk 0.44cvss 6.8epss 0.00
An issue in the SharedConfig class of Telegram Android APK v.11.7.0 allows a physically proximate attacker to bypass authentication and escalate privileges by manipulating the return value of the checkPasscode method.
- risk 0.44cvss 6.8epss 0.00
Jenkins Folder-based Authorization Strategy Plugin 217.vd5b_18537403e and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional permissions, like Overall/Manage) to access functionality…
- risk 0.44cvss 7.8epss 0.00
OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its config file. Prior to version 0.9.4, where the config file is stored in an unprivileged user directory but the daemon is executed by root, it’s possible for the unprivileged user to change…
- risk 0.44cvss 6.8epss 0.00
Vulnerability in Spotfire Spotfire Enterprise Runtime for R - Server Edition, Spotfire Spotfire Statistics Services, Spotfire Spotfire Analyst, Spotfire Spotfire Desktop, Spotfire Spotfire Server allows The impact of this vulnerability depends on the privileges of the user…
- risk 0.44cvss 6.7epss 0.00
Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name.
- risk 0.44cvss 6.8epss 0.01
In Apache Ozone versions prior to 1.2.0, Authenticated users knowing the ID of an existing block can craft specific request allowing access those blocks, bypassing other security checks like ACL.
- risk 0.44cvss 5.3epss 0.82
In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the…
- risk 0.44cvss 6.8epss 0.00
Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. An attacker could unlock and use the phone through certain operations.
- risk 0.44cvss 6.7epss 0.00
IBM Remote Control v9 could allow a local user to use the component to replace files to which he does not have write access and which he can cause to be executed with Local System or root privileges. IBM X-Force ID: 123912.
- risk 0.44cvss 6.8epss 0.01
The 'crowd-application' plugin module (notably used by the Google Apps plugin) in Atlassian Crowd from version 1.5.0 before version 3.1.2 allowed an attacker to impersonate a Crowd user in REST requests by being able to authenticate to a directory bound to an application using…
- risk 0.44cvss 6.8epss 0.01
An exploitable improper authorization vulnerability exists in admin_peers API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send…
- risk 0.43cvss 7.7epss 0.00
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.8, nezha's dashboard supports two user roles: RoleAdmin (Role==0) and RoleMember (Role==1). The notification routes POST /api/v1/notification…
- risk 0.43cvss 7.7epss 0.00
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were…
- risk 0.43cvss 7.7epss 0.00
OpenClaw versions 2026.4.9 before 2026.4.10 contain a sender policy bypass vulnerability in the outbound host-media attachment read helper that allows unauthorized local file disclosure. Attackers with denied read access via toolsBySender or group policy can trigger host-media…
- risk 0.43cvss 7.7epss 0.00
Kyverno is a policy engine designed for cloud native platform engineering teams. The patch for CVE-2026-22039 fixed cross-namespace privilege escalation in Kyverno's `apiCall` context by validating the `URLPath` field. However, the ConfigMap context loader has the identical…
- risk 0.43cvss 6.6epss 0.00
October is a Content Management System (CMS) and web platform. Prior to 3.7.14 and 4.1.10, a vulnerability was identified in the Twig sandbox security policy that allowed database write operations when cms.safe_mode is enabled. Backend users with Developer permissions could use…
- risk 0.43cvss 7.7epss 0.00
Incorrect Authorization (CWE-863) in Kibana can lead to information disclosure via Privilege Abuse (CAPEC-122). A user with limited Fleet privileges can exploit an internal API endpoint to retrieve sensitive configuration data, including private keys and authentication tokens,…