Common Weakness Enumeration

CWE-863

Allowed-with-Review

Incorrect Authorization

Abstraction: Class · Status: Incomplete

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

5494 vulnerabilities reference this CWE, most recent first.

GHSA-HR74-5GWV-789V

Vulnerability from github – Published: 2025-01-17 00:30 – Updated: 2025-02-03 21:31
VLAI
Details

An issue in OPEXUS FOIAXPRESS PUBLIC ACCESS LINK v11.1.0 allows attackers to bypass authentication via crafted web requests.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-53553"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-16T23:15:07Z",
    "severity": "CRITICAL"
  },
  "details": "An issue in OPEXUS FOIAXPRESS PUBLIC ACCESS LINK v11.1.0 allows attackers to bypass authentication via crafted web requests.",
  "id": "GHSA-hr74-5gwv-789v",
  "modified": "2025-02-03T21:31:49Z",
  "published": "2025-01-17T00:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53553"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Turbul3nce/Vulnerability.Research/tree/main/CVE-2024-53553"
    },
    {
      "type": "WEB",
      "url": "https://infosecwriteups.com/exploiting-execute-after-redirect-ear-vulnerability-in-htb-previse-92ea3f1dbf3d"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HR8P-P44M-Q8X6

Vulnerability from github – Published: 2022-06-16 00:00 – Updated: 2025-01-02 21:31
VLAI
Details

Kerberos AppContainer Security Feature Bypass Vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-30164"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-15T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "Kerberos AppContainer Security Feature Bypass Vulnerability.",
  "id": "GHSA-hr8p-p44m-q8x6",
  "modified": "2025-01-02T21:31:38Z",
  "published": "2022-06-16T00:00:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30164"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30164"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30164"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/167716/Windows-Kerberos-KerbRetrieveEncodedTicketMessage-AppContainer-Privilege-Escalation.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HRPQ-69MG-72V6

Vulnerability from github – Published: 2025-01-28 00:32 – Updated: 2025-01-28 18:31
VLAI
Details

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, visionOS 2.2, iOS 18.2 and iPadOS 18.2. Password autofill may fill in passwords after failing authentication.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-54530"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-862",
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-27T22:15:13Z",
    "severity": "CRITICAL"
  },
  "details": "The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, visionOS 2.2, iOS 18.2 and iPadOS 18.2. Password autofill may fill in passwords after failing authentication.",
  "id": "GHSA-hrpq-69mg-72v6",
  "modified": "2025-01-28T18:31:26Z",
  "published": "2025-01-28T00:32:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54530"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/121837"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/121839"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/121843"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/121845"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HRQV-FQ7G-698J

Vulnerability from github – Published: 2023-12-06 15:30 – Updated: 2023-12-12 18:31
VLAI
Details

TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, allows attackers to bypass front-end security restrictions and execute arbitrary code.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-48859"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-06T15:15:06Z",
    "severity": "HIGH"
  },
  "details": "TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, allows attackers to bypass front-end security restrictions and execute arbitrary code.",
  "id": "GHSA-hrqv-fq7g-698j",
  "modified": "2023-12-12T18:31:31Z",
  "published": "2023-12-06T15:30:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48859"
    },
    {
      "type": "WEB",
      "url": "https://github.com/xieqiang11/security_research/blob/main/TOTOLINK-A3002RU-RCE.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HRV3-FV5C-H4M4

Vulnerability from github – Published: 2022-05-24 17:43 – Updated: 2022-07-13 00:01
VLAI
Details

Improper access control vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain and/or alter the setting information without the access privilege via unspecified vectors.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-20657"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-02-24T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Improper access control vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain and/or alter the setting information without the access privilege via unspecified vectors.",
  "id": "GHSA-hrv3-fv5c-h4m4",
  "modified": "2022-07-13T00:01:05Z",
  "published": "2022-05-24T17:43:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20657"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/jp/JVN37417423/index.html"
    },
    {
      "type": "WEB",
      "url": "https://www.contec.com/jp/api/downloadlogger?download=https://www.contec.com/jp/-/media/contec/jp/support/security-info/contec_security_solarview_210216.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.contec.com/jp/download/contract/contract2/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e\u0026downloaditemid=fa248fba-8901-4d9e-8212-b139f2defbdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HRV7-95M4-5F4G

Vulnerability from github – Published: 2022-05-24 19:19 – Updated: 2022-07-13 00:01
VLAI
Details

Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow an unauthorized user to reconfigure, reset the device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-3705"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-01T14:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow an unauthorized user to reconfigure, reset the device.",
  "id": "GHSA-hrv7-95m4-5f4g",
  "modified": "2022-07-13T00:01:32Z",
  "published": "2022-05-24T19:19:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3705"
    },
    {
      "type": "WEB",
      "url": "https://support.hp.com/us-en/document/ish_4411563-4411589-16/hpsbpi03741"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HRX4-Q45P-XFR7

Vulnerability from github – Published: 2022-09-29 00:00 – Updated: 2022-09-29 00:00
VLAI
Details

Smart eVision has inadequate authorization for the database query function. A remote attacker with general user privilege, who is not explicitly authorized to access the information, can access sensitive information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-39029"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-28T04:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Smart eVision has inadequate authorization for the database query function. A remote attacker with general user privilege, who is not explicitly authorized to access the information, can access sensitive information.",
  "id": "GHSA-hrx4-q45p-xfr7",
  "modified": "2022-09-29T00:00:27Z",
  "published": "2022-09-29T00:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39029"
    },
    {
      "type": "WEB",
      "url": "https://www.twcert.org.tw/tw/cp-132-6566-3805b-1.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HV5G-26JG-PC45

Vulnerability from github – Published: 2026-04-15 18:31 – Updated: 2026-04-27 16:33
VLAI
Summary
Velociraptor vulnerability in the query() plugin which allows access to all orgs with the user's current ACL token
Details

Velociraptor versions prior to 0.76.3 contain a vulnerability in the query() plugin which allows access to all orgs with the user's current ACL token. This allows an authenticated GUI user with access in one org, to use the query() plugin, in a notebook cell, to run VQL queries on other orgs which they may not have access to. The user's permissions in the other org are the same as the permissions they have in the org containing the notebook.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "www.velocidex.com/golang/velociraptor"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.76.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-6290"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-16T21:33:30Z",
    "nvd_published_at": "2026-04-15T18:17:25Z",
    "severity": "CRITICAL"
  },
  "details": "Velociraptor versions prior to 0.76.3 contain a vulnerability in the query() plugin which allows access to all orgs with the user\u0027s current ACL token. This allows an authenticated GUI user with access in one org, to use the query() plugin, in a notebook cell, to run VQL queries on other orgs which they may not have access to. The user\u0027s permissions in the other org are\nthe same as the permissions they have in the org containing the notebook.",
  "id": "GHSA-hv5g-26jg-pc45",
  "modified": "2026-04-27T16:33:21Z",
  "published": "2026-04-15T18:31:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6290"
    },
    {
      "type": "WEB",
      "url": "https://docs.velociraptor.app/announcements/advisories/cve-2026-6290"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Velocidex/velociraptor"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Velociraptor vulnerability in the query() plugin which allows access to all orgs with the user\u0027s current ACL token"
}

GHSA-HV5W-7H32-WHFP

Vulnerability from github – Published: 2025-07-15 21:31 – Updated: 2025-07-15 21:31
VLAI
Details

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-30748"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-15T20:15:29Z",
    "severity": "MODERATE"
  },
  "details": "Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology).  Supported versions that are affected are 8.60, 8.61 and  8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as  unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
  "id": "GHSA-hv5w-7h32-whfp",
  "modified": "2025-07-15T21:31:40Z",
  "published": "2025-07-15T21:31:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30748"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2025.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HV6G-3JJM-8Q6P

Vulnerability from github – Published: 2022-07-13 00:00 – Updated: 2022-07-13 00:00
VLAI
Details

Microsoft Office Security Feature Bypass Vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-33632"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-12T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Microsoft Office Security Feature Bypass Vulnerability.",
  "id": "GHSA-hv6g-3jjm-8q6p",
  "modified": "2022-07-13T00:00:39Z",
  "published": "2022-07-13T00:00:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33632"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33632"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33632"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design
  • Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
  • Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Architecture and Design

Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].

Mitigation MIT-4.4
Architecture and Design

Strategy: Libraries or Frameworks

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
Architecture and Design
  • For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
  • One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
System Configuration Installation

Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.

No CAPEC attack patterns related to this CWE.