CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1248 vulnerabilities reference this CWE, most recent first.
GHSA-42G8-5X99-8WWM
Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2022-05-24 17:48Overly relaxed configuration of frontend resources server in Vaadin Designer versions 4.3.0 through 4.6.3 allows remote attackers to access project sources via crafted HTTP request.
{
"affected": [],
"aliases": [
"CVE-2021-31410"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-23T17:15:00Z",
"severity": "HIGH"
},
"details": "Overly relaxed configuration of frontend resources server in Vaadin Designer versions 4.3.0 through 4.6.3 allows remote attackers to access project sources via crafted HTTP request.",
"id": "GHSA-42g8-5x99-8wwm",
"modified": "2022-05-24T17:48:44Z",
"published": "2022-05-24T17:48:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31410"
},
{
"type": "WEB",
"url": "https://vaadin.com/security/cve-2021-31410"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-42WV-RQ8P-RM59
Vulnerability from github – Published: 2022-05-24 19:16 – Updated: 2022-05-24 19:16waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=gift&a=addsave credit parameter to -1, the product is sold for free.
{
"affected": [],
"aliases": [
"CVE-2020-21503"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-05T22:15:00Z",
"severity": "HIGH"
},
"details": "waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=gift\u0026a=addsave credit parameter to -1, the product is sold for free.",
"id": "GHSA-42wv-rq8p-rm59",
"modified": "2022-05-24T19:16:50Z",
"published": "2022-05-24T19:16:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-21503"
},
{
"type": "WEB",
"url": "https://github.com/caokang/waimai/issues/15"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-438X-9G8X-78P5
Vulnerability from github – Published: 2023-06-13 21:30 – Updated: 2025-02-13 18:31ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.
Additional Details
This issue is present in the following supported ServiceNow releases:
- Quebec prior to Patch 10 Hot Fix 8b
- Rome prior to Patch 10 Hot Fix 1
- San Diego prior to Patch 7
- Tokyo prior to Tokyo Patch 1; and
- Utah prior to Utah General Availability
If this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls.
{
"affected": [],
"aliases": [
"CVE-2022-43684"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-13T19:15:09Z",
"severity": "MODERATE"
},
"details": "ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.\n\n\n\nAdditional Details\n\nThis issue is present in the following supported ServiceNow releases: \n\n\n\n * Quebec prior to Patch 10 Hot Fix 8b\n * Rome prior to Patch 10 Hot Fix 1\n * San Diego prior to Patch 7\n * Tokyo prior to Tokyo Patch 1; and \n * Utah prior to Utah General Availability \n\n\n\n\nIf this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls.",
"id": "GHSA-438x-9g8x-78p5",
"modified": "2025-02-13T18:31:37Z",
"published": "2023-06-13T21:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43684"
},
{
"type": "WEB",
"url": "https://news.ycombinator.com/item?id=36638530"
},
{
"type": "WEB",
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1303489"
},
{
"type": "WEB",
"url": "https://x64.sh/posts/ServiceNow-Insecure-access-control-to-admin"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/173354/ServiceNow-Insecure-Access-Control-Full-Admin-Compromise.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2023/Jul/11"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-43CW-WCF7-W8FV
Vulnerability from github – Published: 2022-03-19 00:00 – Updated: 2022-03-29 00:01An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access.
{
"affected": [],
"aliases": [
"CVE-2022-22598"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-18T18:15:00Z",
"severity": "LOW"
},
"details": "An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access.",
"id": "GHSA-43cw-wcf7-w8fv",
"modified": "2022-03-29T00:01:34Z",
"published": "2022-03-19T00:00:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22598"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213182"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-43J3-XVP9-VV7J
Vulnerability from github – Published: 2022-10-12 12:00 – Updated: 2022-10-14 19:00Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be restricted.
{
"affected": [],
"aliases": [
"CVE-2022-39015"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-10-11T21:15:00Z",
"severity": "MODERATE"
},
"details": "Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be restricted.",
"id": "GHSA-43j3-xvp9-vv7j",
"modified": "2022-10-14T19:00:39Z",
"published": "2022-10-12T12:00:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39015"
},
{
"type": "WEB",
"url": "https://launchpad.support.sap.com/#/notes/3239293"
},
{
"type": "WEB",
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-43RF-FWX9-64W8
Vulnerability from github – Published: 2022-05-24 19:18 – Updated: 2022-07-13 00:01In Gradle Enterprise through 2021.3, probing of the server-side network environment can occur via an SMTP configuration test. The installation configuration user interface available to administrators allows testing the configured SMTP server settings. This test function can be used to identify the listening TCP ports available to the server, revealing information about the internal network environment.
{
"affected": [],
"aliases": [
"CVE-2021-41590"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-27T14:15:00Z",
"severity": "MODERATE"
},
"details": "In Gradle Enterprise through 2021.3, probing of the server-side network environment can occur via an SMTP configuration test. The installation configuration user interface available to administrators allows testing the configured SMTP server settings. This test function can be used to identify the listening TCP ports available to the server, revealing information about the internal network environment.",
"id": "GHSA-43rf-fwx9-64w8",
"modified": "2022-07-13T00:01:41Z",
"published": "2022-05-24T19:18:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41590"
},
{
"type": "WEB",
"url": "https://security.gradle.com"
},
{
"type": "WEB",
"url": "https://security.gradle.com/advisory/2021-07"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-43WV-W8Q4-MCVR
Vulnerability from github – Published: 2024-07-09 18:30 – Updated: 2025-10-22 00:33Windows MSHTML Platform Spoofing Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-38112"
],
"database_specific": {
"cwe_ids": [
"CWE-451",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-09T17:15:47Z",
"severity": "HIGH"
},
"details": "Windows MSHTML Platform Spoofing Vulnerability",
"id": "GHSA-43wv-w8q4-mcvr",
"modified": "2025-10-22T00:33:04Z",
"published": "2024-07-09T18:30:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38112"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38112"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38112"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-443J-7M97-75J3
Vulnerability from github – Published: 2022-05-13 01:37 – Updated: 2022-05-13 01:37This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.network.traffic_005freport_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5191.
{
"affected": [],
"aliases": [
"CVE-2017-16600"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-01-23T01:29:00Z",
"severity": "MODERATE"
},
"details": "This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.network.traffic_005freport_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5191.",
"id": "GHSA-443j-7m97-75j3",
"modified": "2022-05-13T01:37:24Z",
"published": "2022-05-13T01:37:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16600"
},
{
"type": "WEB",
"url": "https://zerodayinitiative.com/advisories/ZDI-17-965"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/102528"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-44X5-VV7X-RXJ5
Vulnerability from github – Published: 2022-01-25 00:01 – Updated: 2023-08-08 15:31An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI.
{
"affected": [],
"aliases": [
"CVE-2022-23856"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-24T02:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI.",
"id": "GHSA-44x5-vv7x-rxj5",
"modified": "2023-08-08T15:31:37Z",
"published": "2022-01-25T00:01:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23856"
},
{
"type": "WEB",
"url": "https://www.kb.cert.org/vuls/id/692873"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-456V-QXQW-V893
Vulnerability from github – Published: 2022-12-21 18:30 – Updated: 2022-12-21 18:30vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.
{
"affected": [],
"aliases": [
"CVE-2022-31708"
],
"database_specific": {
"cwe_ids": [
"CWE-284",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-16T16:15:00Z",
"severity": "MODERATE"
},
"details": "vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.",
"id": "GHSA-456v-qxqw-v893",
"modified": "2022-12-21T18:30:23Z",
"published": "2022-12-21T18:30:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31708"
},
{
"type": "WEB",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0034.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.