Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1248 vulnerabilities reference this CWE, most recent first.

GHSA-42G8-5X99-8WWM

Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2022-05-24 17:48
VLAI
Details

Overly relaxed configuration of frontend resources server in Vaadin Designer versions 4.3.0 through 4.6.3 allows remote attackers to access project sources via crafted HTTP request.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-31410"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-23T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "Overly relaxed configuration of frontend resources server in Vaadin Designer versions 4.3.0 through 4.6.3 allows remote attackers to access project sources via crafted HTTP request.",
  "id": "GHSA-42g8-5x99-8wwm",
  "modified": "2022-05-24T17:48:44Z",
  "published": "2022-05-24T17:48:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31410"
    },
    {
      "type": "WEB",
      "url": "https://vaadin.com/security/cve-2021-31410"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-42WV-RQ8P-RM59

Vulnerability from github – Published: 2022-05-24 19:16 – Updated: 2022-05-24 19:16
VLAI
Details

waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=gift&a=addsave credit parameter to -1, the product is sold for free.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-21503"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-05T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=gift\u0026a=addsave credit parameter to -1, the product is sold for free.",
  "id": "GHSA-42wv-rq8p-rm59",
  "modified": "2022-05-24T19:16:50Z",
  "published": "2022-05-24T19:16:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-21503"
    },
    {
      "type": "WEB",
      "url": "https://github.com/caokang/waimai/issues/15"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-438X-9G8X-78P5

Vulnerability from github – Published: 2023-06-13 21:30 – Updated: 2025-02-13 18:31
VLAI
Details

ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.

Additional Details

This issue is present in the following supported ServiceNow releases:

  • Quebec prior to Patch 10 Hot Fix 8b
  • Rome prior to Patch 10 Hot Fix 1
  • San Diego prior to Patch 7
  • Tokyo prior to Tokyo Patch 1; and
  • Utah prior to Utah General Availability

If this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-43684"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-13T19:15:09Z",
    "severity": "MODERATE"
  },
  "details": "ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.\n\n\n\nAdditional Details\n\nThis issue is present in the following supported ServiceNow releases: \n\n\n\n  *  Quebec prior to Patch 10 Hot Fix 8b\n  *  Rome prior to Patch 10 Hot Fix 1\n  *  San Diego prior to Patch 7\n  *  Tokyo prior to Tokyo Patch 1; and \n  *  Utah prior to Utah General Availability \n\n\n\n\nIf this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls.",
  "id": "GHSA-438x-9g8x-78p5",
  "modified": "2025-02-13T18:31:37Z",
  "published": "2023-06-13T21:30:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43684"
    },
    {
      "type": "WEB",
      "url": "https://news.ycombinator.com/item?id=36638530"
    },
    {
      "type": "WEB",
      "url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1303489"
    },
    {
      "type": "WEB",
      "url": "https://x64.sh/posts/ServiceNow-Insecure-access-control-to-admin"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/173354/ServiceNow-Insecure-Access-Control-Full-Admin-Compromise.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2023/Jul/11"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-43CW-WCF7-W8FV

Vulnerability from github – Published: 2022-03-19 00:00 – Updated: 2022-03-29 00:01
VLAI
Details

An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-22598"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-18T18:15:00Z",
    "severity": "LOW"
  },
  "details": "An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access.",
  "id": "GHSA-43cw-wcf7-w8fv",
  "modified": "2022-03-29T00:01:34Z",
  "published": "2022-03-19T00:00:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22598"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213182"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-43J3-XVP9-VV7J

Vulnerability from github – Published: 2022-10-12 12:00 – Updated: 2022-10-14 19:00
VLAI
Details

Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be restricted.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-39015"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-11T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be restricted.",
  "id": "GHSA-43j3-xvp9-vv7j",
  "modified": "2022-10-14T19:00:39Z",
  "published": "2022-10-12T12:00:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39015"
    },
    {
      "type": "WEB",
      "url": "https://launchpad.support.sap.com/#/notes/3239293"
    },
    {
      "type": "WEB",
      "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-43RF-FWX9-64W8

Vulnerability from github – Published: 2022-05-24 19:18 – Updated: 2022-07-13 00:01
VLAI
Details

In Gradle Enterprise through 2021.3, probing of the server-side network environment can occur via an SMTP configuration test. The installation configuration user interface available to administrators allows testing the configured SMTP server settings. This test function can be used to identify the listening TCP ports available to the server, revealing information about the internal network environment.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-41590"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-27T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In Gradle Enterprise through 2021.3, probing of the server-side network environment can occur via an SMTP configuration test. The installation configuration user interface available to administrators allows testing the configured SMTP server settings. This test function can be used to identify the listening TCP ports available to the server, revealing information about the internal network environment.",
  "id": "GHSA-43rf-fwx9-64w8",
  "modified": "2022-07-13T00:01:41Z",
  "published": "2022-05-24T19:18:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41590"
    },
    {
      "type": "WEB",
      "url": "https://security.gradle.com"
    },
    {
      "type": "WEB",
      "url": "https://security.gradle.com/advisory/2021-07"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-43WV-W8Q4-MCVR

Vulnerability from github – Published: 2024-07-09 18:30 – Updated: 2025-10-22 00:33
VLAI
Details

Windows MSHTML Platform Spoofing Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-38112"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-451",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-09T17:15:47Z",
    "severity": "HIGH"
  },
  "details": "Windows MSHTML Platform Spoofing Vulnerability",
  "id": "GHSA-43wv-w8q4-mcvr",
  "modified": "2025-10-22T00:33:04Z",
  "published": "2024-07-09T18:30:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38112"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38112"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38112"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-443J-7M97-75J3

Vulnerability from github – Published: 2022-05-13 01:37 – Updated: 2022-05-13 01:37
VLAI
Details

This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.network.traffic_005freport_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5191.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-16600"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-01-23T01:29:00Z",
    "severity": "MODERATE"
  },
  "details": "This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.network.traffic_005freport_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5191.",
  "id": "GHSA-443j-7m97-75j3",
  "modified": "2022-05-13T01:37:24Z",
  "published": "2022-05-13T01:37:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16600"
    },
    {
      "type": "WEB",
      "url": "https://zerodayinitiative.com/advisories/ZDI-17-965"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/102528"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-44X5-VV7X-RXJ5

Vulnerability from github – Published: 2022-01-25 00:01 – Updated: 2023-08-08 15:31
VLAI
Details

An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-23856"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-24T02:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI.",
  "id": "GHSA-44x5-vv7x-rxj5",
  "modified": "2023-08-08T15:31:37Z",
  "published": "2022-01-25T00:01:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23856"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/692873"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-456V-QXQW-V893

Vulnerability from github – Published: 2022-12-21 18:30 – Updated: 2022-12-21 18:30
VLAI
Details

vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-31708"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-16T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.",
  "id": "GHSA-456v-qxqw-v893",
  "modified": "2022-12-21T18:30:23Z",
  "published": "2022-12-21T18:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31708"
    },
    {
      "type": "WEB",
      "url": "https://www.vmware.com/security/advisories/VMSA-2022-0034.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.