Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1251 vulnerabilities reference this CWE, most recent first.

GHSA-8XJP-RP29-V5J8

Vulnerability from github – Published: 2022-01-13 00:00 – Updated: 2023-06-27 22:18
VLAI
Summary
Agent-to-controller security bypass in Jenkins Debian Package Builder Plugin
Details

Jenkins Debian Package Builder Plugin 1.6.11 and earlier implements functionality that allows agent processes to invoke command-line git at an attacker-specified path on the controller.

This allows attackers able to control agent processes to invoke arbitrary OS commands on the controller.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "ru.yandex.jenkins.plugins.debuilder:debian-package-builder"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.6.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-23118"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-668",
      "CWE-693"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-06-01T20:10:51Z",
    "nvd_published_at": "2022-01-12T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Jenkins Debian Package Builder Plugin 1.6.11 and earlier implements functionality that allows agent processes to invoke command-line git at an attacker-specified path on the controller.\n\nThis allows attackers able to control agent processes to invoke arbitrary OS commands on the controller.",
  "id": "GHSA-8xjp-rp29-v5j8",
  "modified": "2023-06-27T22:18:19Z",
  "published": "2022-01-13T00:00:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23118"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/debian-package-builder-plugin"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2546"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Agent-to-controller security bypass in Jenkins Debian Package Builder Plugin"
}

GHSA-925R-R6RP-2JJ7

Vulnerability from github – Published: 2022-11-11 19:00 – Updated: 2022-11-16 21:44
VLAI
Summary
ManyDesigns Portofino subject to creation of insecure temporary file
Details

A vulnerability has been found in ManyDesigns Portofino 5.3.2. Affected by this vulnerability is the function createTempDir of the file WarFileLauncher.java. The manipulation leads to creation of temporary file in directory with insecure permissions. Upgrading to version 5.3.3 is able to address this issue. The name of the patch is 94653cb357806c9cf24d8d294e6afea33f8f0775. It is recommended to upgrade the affected component.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.manydesigns:portofino"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-3952"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-377",
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-11-16T00:00:50Z",
    "nvd_published_at": "2022-11-11T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been found in ManyDesigns Portofino 5.3.2. Affected by this vulnerability is the function createTempDir of the file WarFileLauncher.java. The manipulation leads to creation of temporary file in directory with insecure permissions. Upgrading to version 5.3.3 is able to address this issue. The name of the patch is 94653cb357806c9cf24d8d294e6afea33f8f0775. It is recommended to upgrade the affected component. ",
  "id": "GHSA-925r-r6rp-2jj7",
  "modified": "2022-11-16T21:44:44Z",
  "published": "2022-11-11T19:00:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3952"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ManyDesigns/Portofino/pull/580"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ManyDesigns/Portofino/commit/94653cb357806c9cf24d8d294e6afea33f8f0775"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ManyDesigns/Portofino"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ManyDesigns/Portofino/releases/tag/v5.3.3"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.213457"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "ManyDesigns Portofino subject to creation of insecure temporary file"
}

GHSA-92CH-FW3F-GXMQ

Vulnerability from github – Published: 2023-06-15 00:30 – Updated: 2024-04-04 04:51
VLAI
Details

An information disclosure vulnerability in the?faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) could be used by an attacker on an adjacent network to obtain credentials to integrated services via a man-in-the-middle position or cryptanalysis of the session traffic. An attacker could use these credentials to impersonate PTR/TRAP to these services. All versions prior to 5.10.0 are affected. 

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-2820"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-14T22:15:09Z",
    "severity": "MODERATE"
  },
  "details": "An information disclosure vulnerability in the?faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) could be used by an attacker on an adjacent network to obtain credentials to integrated services via a man-in-the-middle position or cryptanalysis of the session traffic. An attacker could use these credentials to impersonate PTR/TRAP to these services. All versions prior to 5.10.0 are affected.\u00a0\n",
  "id": "GHSA-92ch-fw3f-gxmq",
  "modified": "2024-04-04T04:51:31Z",
  "published": "2023-06-15T00:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2820"
    },
    {
      "type": "WEB",
      "url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2023-0003"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-92CV-8JC7-JRPM

Vulnerability from github – Published: 2022-05-24 19:04 – Updated: 2022-06-04 00:00
VLAI
Details

Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-26314"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203",
      "CWE-208",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-09T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage.",
  "id": "GHSA-92cv-8jc7-jrpm",
  "modified": "2022-06-04T00:00:52Z",
  "published": "2022-05-24T19:04:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26314"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H36U6CNREC436W6GYO7QUMJIVEA35SCV"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVA2NY26MMXOODUMYZN5DCU3FXMBMBOB"
    },
    {
      "type": "WEB",
      "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1003"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2021/06/09/2"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2021/06/10/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-92FC-JGVR-56VR

Vulnerability from github – Published: 2023-01-01 09:30 – Updated: 2023-01-09 15:30
VLAI
Details

The ntpd_driver component before 1.3.0 and 2.x before 2.2.0 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a robot's behavior. This occurs because a topic name depends on the attacker-controlled time_ref_topic parameter.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-48198"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668",
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-01-01T07:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "The ntpd_driver component before 1.3.0 and 2.x before 2.2.0 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a robot\u0027s behavior. This occurs because a topic name depends on the attacker-controlled time_ref_topic parameter.",
  "id": "GHSA-92fc-jgvr-56vr",
  "modified": "2023-01-09T15:30:22Z",
  "published": "2023-01-01T09:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48198"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vooon/ntpd_driver/issues/9"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vooon/ntpd_driver/compare/1.2.0...1.3.0"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vooon/ntpd_driver/compare/2.1.0...2.2.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-92G9-C25J-HQP6

Vulnerability from github – Published: 2023-08-31 15:30 – Updated: 2023-08-31 15:30
VLAI
Details

Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30430, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-41742"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1327",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-31T15:15:08Z",
    "severity": "MODERATE"
  },
  "details": "Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30430, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.",
  "id": "GHSA-92g9-c25j-hqp6",
  "modified": "2023-08-31T15:30:17Z",
  "published": "2023-08-31T15:30:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41742"
    },
    {
      "type": "WEB",
      "url": "https://security-advisory.acronis.com/advisories/SEC-4351"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-93PJ-4P65-QMR9

Vulnerability from github – Published: 2022-01-28 22:07 – Updated: 2022-02-02 16:13
VLAI
Summary
Insufficient user authorization in Moodle
Details

A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.11"
            },
            {
              "fixed": "3.11.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.10"
            },
            {
              "fixed": "3.10.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.9.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-0334"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668",
      "CWE-863"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-01-26T22:48:21Z",
    "nvd_published_at": "2022-01-25T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability.",
  "id": "GHSA-93pj-4p65-qmr9",
  "modified": "2022-02-02T16:13:31Z",
  "published": "2022-01-28T22:07:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0334"
    },
    {
      "type": "WEB",
      "url": "https://github.com/moodle/moodle/commit/1964d68f8500ea3c7b776fa8a2af6266ed109f84"
    },
    {
      "type": "WEB",
      "url": "https://github.com/moodle/moodle/commit/6d18f136ae88ec97e351a723df570816a959ec68"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043664"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=431102"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Insufficient user authorization in Moodle"
}

GHSA-93XG-J32H-9QVG

Vulnerability from github – Published: 2022-03-16 00:00 – Updated: 2022-03-23 00:00
VLAI
Details

IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information about build definitions. IBM X-Force ID: 192707.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-4989"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-15T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information about build definitions. IBM X-Force ID: 192707.",
  "id": "GHSA-93xg-j32h-9qvg",
  "modified": "2022-03-23T00:00:44Z",
  "published": "2022-03-16T00:00:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-4989"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/192707"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6563261"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9476-HGJR-4G2Q

Vulnerability from github – Published: 2023-07-25 21:31 – Updated: 2024-04-04 06:21
VLAI
Details

An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an Access Control Violation for Database Operations. The Vocera Report Console contains a websocket interface that allows for the unauthenticated execution of various tasks and database functions. This includes system tasks, and backing up, loading, and clearing of the database.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-46901"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-25T20:15:13Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an Access Control Violation for Database Operations. The Vocera Report Console contains a websocket interface that allows for the unauthenticated execution of various tasks and database functions. This includes system tasks, and backing up, loading, and clearing of the database.",
  "id": "GHSA-9476-hgjr-4g2q",
  "modified": "2024-04-04T06:21:24Z",
  "published": "2023-07-25T21:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46901"
    },
    {
      "type": "WEB",
      "url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security"
    },
    {
      "type": "WEB",
      "url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-949J-7M8V-WG33

Vulnerability from github – Published: 2022-05-24 17:45 – Updated: 2022-05-24 17:45
VLAI
Details

Multiple session validity check issues in several administration functionalities of Invigo Automatic Device Management (ADM) through 5.0 allow remote attackers to read potentially sensitive data hosted by the application.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-10581"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-03-25T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Multiple session validity check issues in several administration functionalities of Invigo Automatic Device Management (ADM) through 5.0 allow remote attackers to read potentially sensitive data hosted by the application.",
  "id": "GHSA-949j-7m8v-wg33",
  "modified": "2022-05-24T17:45:19Z",
  "published": "2022-05-24T17:45:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10581"
    },
    {
      "type": "WEB",
      "url": "https://www.on-x.com/sites/default/files/security_advisory_-_multiple_vulnerabilities_-_invigo_adm.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.