CWE-282
Allowed-with-ReviewImproper Ownership Management
Abstraction: Class · Status: Draft
The product assigns the wrong ownership, or does not properly verify the ownership, of an object or resource.
50 vulnerabilities reference this CWE, most recent first.
GHSA-MXHG-FJCX-GV8X
Vulnerability from github – Published: 2025-06-23 21:31 – Updated: 2025-06-23 21:31IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6
could allow an authenticated user to delete another user's comments due to improper ownership management.
{
"affected": [],
"aliases": [
"CVE-2025-3629"
],
"database_specific": {
"cwe_ids": [
"CWE-282"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-21T13:15:21Z",
"severity": "MODERATE"
},
"details": "IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 \n\ncould allow an authenticated user to delete another user\u0027s comments due to improper ownership management.",
"id": "GHSA-mxhg-fjcx-gv8x",
"modified": "2025-06-23T21:31:50Z",
"published": "2025-06-23T21:31:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3629"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7235496"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-P32W-WM8H-W433
Vulnerability from github – Published: 2023-09-29 09:30 – Updated: 2024-04-04 07:58An information disclosure issue in GitLab CE/EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration.
{
"affected": [],
"aliases": [
"CVE-2023-0989"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-282"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-29T07:15:12Z",
"severity": "MODERATE"
},
"details": "An information disclosure issue in GitLab CE/EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration.",
"id": "GHSA-p32w-wm8h-w433",
"modified": "2024-04-04T07:58:04Z",
"published": "2023-09-29T09:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0989"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/1875515"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/417275"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-P5F6-V7VQ-6742
Vulnerability from github – Published: 2024-09-13 18:31 – Updated: 2024-09-13 18:31A valid, authenticated LXCA user may be able to unmanage an LXCA managed device in through the LXCA web interface without sufficient privileges.
{
"affected": [],
"aliases": [
"CVE-2024-45103"
],
"database_specific": {
"cwe_ids": [
"CWE-282"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-13T18:15:04Z",
"severity": "MODERATE"
},
"details": "A valid, authenticated LXCA user may be able to unmanage an LXCA managed device in through the LXCA web interface without sufficient privileges.",
"id": "GHSA-p5f6-v7vq-6742",
"modified": "2024-09-13T18:31:48Z",
"published": "2024-09-13T18:31:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45103"
},
{
"type": "WEB",
"url": "https://support.lenovo.com/us/en/product_security/LEN-154748"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-P72Q-V88C-RPRQ
Vulnerability from github – Published: 2023-07-06 19:24 – Updated: 2025-10-22 00:32A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
{
"affected": [],
"aliases": [
"CVE-2023-0386"
],
"database_specific": {
"cwe_ids": [
"CWE-282"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-22T21:15:00Z",
"severity": "HIGH"
},
"details": "A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel\u2019s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.",
"id": "GHSA-p72q-v88c-rprq",
"modified": "2025-10-22T00:32:43Z",
"published": "2023-07-06T19:24:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0386"
},
{
"type": "WEB",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20230420-0004"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-0386"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5402"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PW5W-RMC5-F87R
Vulnerability from github – Published: 2025-03-10 09:31 – Updated: 2025-10-07 15:30Improper Authentication vulnerability in GE Vernova EnerVista UR Setup allows Authentication Bypass. The software's startup authentication can be disabled by altering a Windows registry setting that any user can modify.
{
"affected": [],
"aliases": [
"CVE-2025-27254"
],
"database_specific": {
"cwe_ids": [
"CWE-282",
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-10T09:15:11Z",
"severity": "HIGH"
},
"details": "Improper Authentication vulnerability in GE Vernova EnerVista UR Setup allows Authentication Bypass.\u00a0\nThe software\u0027s startup authentication can be disabled by altering a Windows registry setting that any user can modify.",
"id": "GHSA-pw5w-rmc5-f87r",
"modified": "2025-10-07T15:30:24Z",
"published": "2025-03-10T09:31:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27254"
},
{
"type": "WEB",
"url": "https://www.gevernova.com/grid-solutions/app/DownloadFile.aspx?prod=urfamily\u0026type=21\u0026file=76"
},
{
"type": "WEB",
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-27254"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QWF5-4P6V-8H59
Vulnerability from github – Published: 2025-07-09 15:30 – Updated: 2025-07-09 15:30IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users.
{
"affected": [],
"aliases": [
"CVE-2025-1112"
],
"database_specific": {
"cwe_ids": [
"CWE-282"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-09T15:15:23Z",
"severity": "MODERATE"
},
"details": "IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users.",
"id": "GHSA-qwf5-4p6v-8h59",
"modified": "2025-07-09T15:30:45Z",
"published": "2025-07-09T15:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1112"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7239151"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RP5P-4FX2-GCXG
Vulnerability from github – Published: 2025-08-20 12:31 – Updated: 2025-08-20 12:31In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership
{
"affected": [],
"aliases": [
"CVE-2025-57732"
],
"database_specific": {
"cwe_ids": [
"CWE-282"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-20T10:15:31Z",
"severity": "HIGH"
},
"details": "In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership",
"id": "GHSA-rp5p-4fx2-gcxg",
"modified": "2025-08-20T12:31:15Z",
"published": "2025-08-20T12:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57732"
},
{
"type": "WEB",
"url": "https://www.jetbrains.com/privacy-security/issues-fixed"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RVM3-4G3Q-HCJX
Vulnerability from github – Published: 2024-01-11 21:31 – Updated: 2024-01-11 21:31A vulnerability was found in meetyoucrop big-whale 1.1 and classified as critical. Affected by this issue is some unknown functionality of the file /auth/user/all.api of the component Admin Module. The manipulation of the argument id leads to improper ownership management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250232.
{
"affected": [],
"aliases": [
"CVE-2023-7226"
],
"database_specific": {
"cwe_ids": [
"CWE-282"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-11T21:15:12Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in meetyoucrop big-whale 1.1 and classified as critical. Affected by this issue is some unknown functionality of the file /auth/user/all.api of the component Admin Module. The manipulation of the argument id leads to improper ownership management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250232.",
"id": "GHSA-rvm3-4g3q-hcjx",
"modified": "2024-01-11T21:31:22Z",
"published": "2024-01-11T21:31:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-7226"
},
{
"type": "WEB",
"url": "https://gitee.com/meetyoucrop/big-whale/issues/I6N31K"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.250232"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.250232"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-WVJP-4X3W-PVQX
Vulnerability from github – Published: 2024-04-10 18:30 – Updated: 2024-04-10 18:30A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules.
{
"affected": [],
"aliases": [
"CVE-2024-3383"
],
"database_specific": {
"cwe_ids": [
"CWE-282"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-10T17:15:57Z",
"severity": "HIGH"
},
"details": "A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules.",
"id": "GHSA-wvjp-4x3w-pvqx",
"modified": "2024-04-10T18:30:48Z",
"published": "2024-04-10T18:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3383"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2024-3383"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WXCF-6Q4P-3735
Vulnerability from github – Published: 2024-05-14 15:32 – Updated: 2024-05-14 15:32IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X-Force ID: 271527.
{
"affected": [],
"aliases": [
"CVE-2023-47712"
],
"database_specific": {
"cwe_ids": [
"CWE-282",
"CWE-732"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-14T13:56:45Z",
"severity": "HIGH"
},
"details": "IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X-Force ID: 271527.",
"id": "GHSA-wxcf-6q4p-3735",
"modified": "2024-05-14T15:32:51Z",
"published": "2024-05-14T15:32:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47712"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271524"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7150840"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
CAPEC-17: Using Malicious Files
An attack of this type exploits a system's configuration that allows an adversary to either directly access an executable file, for example through shell access; or in a possible worst case allows an adversary to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
CAPEC-35: Leverage Executable Code in Non-Executable Files
An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.