Common Weakness Enumeration

CWE-282

Allowed-with-Review

Improper Ownership Management

Abstraction: Class · Status: Draft

The product assigns the wrong ownership, or does not properly verify the ownership, of an object or resource.

50 vulnerabilities reference this CWE, most recent first.

GHSA-MXHG-FJCX-GV8X

Vulnerability from github – Published: 2025-06-23 21:31 – Updated: 2025-06-23 21:31
VLAI
Details

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6

could allow an authenticated user to delete another user's comments due to improper ownership management.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-3629"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-282"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-21T13:15:21Z",
    "severity": "MODERATE"
  },
  "details": "IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 \n\ncould allow an authenticated user to delete another user\u0027s comments due to improper ownership management.",
  "id": "GHSA-mxhg-fjcx-gv8x",
  "modified": "2025-06-23T21:31:50Z",
  "published": "2025-06-23T21:31:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3629"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7235496"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P32W-WM8H-W433

Vulnerability from github – Published: 2023-09-29 09:30 – Updated: 2024-04-04 07:58
VLAI
Details

An information disclosure issue in GitLab CE/EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-0989"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-282"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-29T07:15:12Z",
    "severity": "MODERATE"
  },
  "details": "An information disclosure issue in GitLab CE/EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration.",
  "id": "GHSA-p32w-wm8h-w433",
  "modified": "2024-04-04T07:58:04Z",
  "published": "2023-09-29T09:30:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0989"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/1875515"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/417275"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P5F6-V7VQ-6742

Vulnerability from github – Published: 2024-09-13 18:31 – Updated: 2024-09-13 18:31
VLAI
Details

A valid, authenticated LXCA user may be able to unmanage an LXCA managed device in through the LXCA web interface without sufficient privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-45103"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-282"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-13T18:15:04Z",
    "severity": "MODERATE"
  },
  "details": "A valid, authenticated LXCA user may be able to unmanage an LXCA managed device in through the LXCA web interface without sufficient privileges.",
  "id": "GHSA-p5f6-v7vq-6742",
  "modified": "2024-09-13T18:31:48Z",
  "published": "2024-09-13T18:31:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45103"
    },
    {
      "type": "WEB",
      "url": "https://support.lenovo.com/us/en/product_security/LEN-154748"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P72Q-V88C-RPRQ

Vulnerability from github – Published: 2023-07-06 19:24 – Updated: 2025-10-22 00:32
VLAI
Details

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-0386"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-282"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-22T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel\u2019s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.",
  "id": "GHSA-p72q-v88c-rprq",
  "modified": "2025-10-22T00:32:43Z",
  "published": "2023-07-06T19:24:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0386"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20230420-0004"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-0386"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5402"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PW5W-RMC5-F87R

Vulnerability from github – Published: 2025-03-10 09:31 – Updated: 2025-10-07 15:30
VLAI
Details

Improper Authentication vulnerability in GE Vernova EnerVista UR Setup allows Authentication Bypass.  The software's startup authentication can be disabled by altering a Windows registry setting that any user can modify.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-27254"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-282",
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-10T09:15:11Z",
    "severity": "HIGH"
  },
  "details": "Improper Authentication vulnerability in GE Vernova EnerVista UR Setup allows Authentication Bypass.\u00a0\nThe software\u0027s startup authentication can be disabled by altering a Windows registry setting that any user can modify.",
  "id": "GHSA-pw5w-rmc5-f87r",
  "modified": "2025-10-07T15:30:24Z",
  "published": "2025-03-10T09:31:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27254"
    },
    {
      "type": "WEB",
      "url": "https://www.gevernova.com/grid-solutions/app/DownloadFile.aspx?prod=urfamily\u0026type=21\u0026file=76"
    },
    {
      "type": "WEB",
      "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-27254"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QWF5-4P6V-8H59

Vulnerability from github – Published: 2025-07-09 15:30 – Updated: 2025-07-09 15:30
VLAI
Details

IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-1112"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-282"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-09T15:15:23Z",
    "severity": "MODERATE"
  },
  "details": "IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users.",
  "id": "GHSA-qwf5-4p6v-8h59",
  "modified": "2025-07-09T15:30:45Z",
  "published": "2025-07-09T15:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1112"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7239151"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RP5P-4FX2-GCXG

Vulnerability from github – Published: 2025-08-20 12:31 – Updated: 2025-08-20 12:31
VLAI
Details

In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-57732"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-282"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-20T10:15:31Z",
    "severity": "HIGH"
  },
  "details": "In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership",
  "id": "GHSA-rp5p-4fx2-gcxg",
  "modified": "2025-08-20T12:31:15Z",
  "published": "2025-08-20T12:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57732"
    },
    {
      "type": "WEB",
      "url": "https://www.jetbrains.com/privacy-security/issues-fixed"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RVM3-4G3Q-HCJX

Vulnerability from github – Published: 2024-01-11 21:31 – Updated: 2024-01-11 21:31
VLAI
Details

A vulnerability was found in meetyoucrop big-whale 1.1 and classified as critical. Affected by this issue is some unknown functionality of the file /auth/user/all.api of the component Admin Module. The manipulation of the argument id leads to improper ownership management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250232.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-7226"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-282"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-11T21:15:12Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was found in meetyoucrop big-whale 1.1 and classified as critical. Affected by this issue is some unknown functionality of the file /auth/user/all.api of the component Admin Module. The manipulation of the argument id leads to improper ownership management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250232.",
  "id": "GHSA-rvm3-4g3q-hcjx",
  "modified": "2024-01-11T21:31:22Z",
  "published": "2024-01-11T21:31:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-7226"
    },
    {
      "type": "WEB",
      "url": "https://gitee.com/meetyoucrop/big-whale/issues/I6N31K"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.250232"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.250232"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WVJP-4X3W-PVQX

Vulnerability from github – Published: 2024-04-10 18:30 – Updated: 2024-04-10 18:30
VLAI
Details

A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-3383"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-282"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-10T17:15:57Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules.",
  "id": "GHSA-wvjp-4x3w-pvqx",
  "modified": "2024-04-10T18:30:48Z",
  "published": "2024-04-10T18:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3383"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2024-3383"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WXCF-6Q4P-3735

Vulnerability from github – Published: 2024-05-14 15:32 – Updated: 2024-05-14 15:32
VLAI
Details

IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X-Force ID: 271527.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-47712"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-282",
      "CWE-732"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-14T13:56:45Z",
    "severity": "HIGH"
  },
  "details": "IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control.  IBM X-Force ID:  271527.",
  "id": "GHSA-wxcf-6q4p-3735",
  "modified": "2024-05-14T15:32:51Z",
  "published": "2024-05-14T15:32:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47712"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271524"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7150840"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

CAPEC-17: Using Malicious Files

An attack of this type exploits a system's configuration that allows an adversary to either directly access an executable file, for example through shell access; or in a possible worst case allows an adversary to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.

CAPEC-35: Leverage Executable Code in Non-Executable Files

An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.