Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1252 vulnerabilities reference this CWE, most recent first.

GHSA-GWCJ-QF8M-GCW5

Vulnerability from github – Published: 2022-03-31 00:00 – Updated: 2022-04-06 00:01
VLAI
Details

In Telephony, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-194743207

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-39777"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-30T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In Telephony, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-194743207",
  "id": "GHSA-gwcj-qf8m-gcw5",
  "modified": "2022-04-06T00:01:50Z",
  "published": "2022-03-31T00:00:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39777"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/android-12l"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GWJ5-WP6R-5Q9F

Vulnerability from github – Published: 2022-08-11 18:08 – Updated: 2022-08-11 18:08
VLAI
Summary
Cronos vulnerable to DoS through unintended Contract Selfdestruct
Details

In Cronos nodes running versions before v0.7.0, the contract selfdestruct invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in Ethermint, all contracts that used the identical bytecode (i.e shared the same CodeHash) will also stop working once one contract invokes selfdestruct, even though the other contracts did not invoke the selfdestruct OPCODE. Thanks to the successfully coordinated security vulnerability disclosure, no smart contracts were impacted through the use of this vulnerability. Smart contract states and storage values are not affected by this vulnerability. This problem has been patched in Cronos v0.8.0. The patch has state machine-breaking changes and the required coordinated network upgrade was done on the block height 3982500 on the Cronos mainnet beta network. If a contract is subject to DoS due to this issue, the user can redeploy the same contract, i.e with identical bytecode, so that the original contract's code is recovered.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.7.0"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/crypto-org-chain/cronos"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.8.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-08-11T18:08:57Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "In Cronos nodes running versions before v0.7.0, the contract selfdestruct invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in Ethermint, all contracts that used the identical bytecode (i.e shared the same CodeHash) will also stop working once one contract invokes selfdestruct, even though the other contracts did not invoke the selfdestruct OPCODE. Thanks to the successfully coordinated security vulnerability disclosure, no smart contracts were impacted through the use of this vulnerability. Smart contract states and storage values are not affected by this vulnerability. This problem has been patched in Cronos v0.8.0. The patch has state machine-breaking changes and the required coordinated network upgrade was done on the block height 3982500 on the Cronos mainnet beta network. If a contract is subject to DoS due to this issue, the user can redeploy the same contract, i.e with identical bytecode, so that the original contract\u0027s code is recovered.\n",
  "id": "GHSA-gwj5-wp6r-5q9f",
  "modified": "2022-08-11T18:08:57Z",
  "published": "2022-08-11T18:08:57Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/crypto-org-chain/cronos/security/advisories/GHSA-gwj5-wp6r-5q9f"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35936"
    },
    {
      "type": "WEB",
      "url": "https://github.com/crypto-org-chain/cronos/commit/2f2cc88b501b47149690fdef05afbbbe5bc116c9"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/crypto-org-chain/cronos"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Cronos vulnerable to DoS through unintended Contract Selfdestruct"
}

GHSA-GWQR-42V8-7M7Q

Vulnerability from github – Published: 2022-09-28 00:00 – Updated: 2022-09-30 00:00
VLAI
Details

Zammad 5.2.1 is vulnerable to Incorrect Access Control. Zammad's asset handling mechanism has logic to ensure that customer users are not able to see personal information of other users. This logic was not effective when used through a web socket connection, so that a logged-in attacker would be able to fetch personal data of other users by querying the Zammad API. This issue is fixed in , 5.2.2.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-40816"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668",
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-27T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Zammad 5.2.1 is vulnerable to Incorrect Access Control. Zammad\u0027s asset handling mechanism has logic to ensure that customer users are not able to see personal information of other users. This logic was not effective when used through a web socket connection, so that a logged-in attacker would be able to fetch personal data of other users by querying the Zammad API. This issue is fixed in , 5.2.2.",
  "id": "GHSA-gwqr-42v8-7m7q",
  "modified": "2022-09-30T00:00:44Z",
  "published": "2022-09-28T00:00:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40816"
    },
    {
      "type": "WEB",
      "url": "https://zammad.com/de/advisories/zaa-2022-09"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GWRJ-9V3P-9982

Vulnerability from github – Published: 2022-09-30 00:00 – Updated: 2022-10-04 00:00
VLAI
Details

In BigBlueButton before 2.2.7, lockSettingsProps.disablePrivateChat does not apply to already opened chats. This occurs in bigbluebutton-html5/imports/ui/components/chat/service.js.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-27601"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-29T03:15:00Z",
    "severity": "LOW"
  },
  "details": "In BigBlueButton before 2.2.7, lockSettingsProps.disablePrivateChat does not apply to already opened chats. This occurs in bigbluebutton-html5/imports/ui/components/chat/service.js.",
  "id": "GHSA-gwrj-9v3p-9982",
  "modified": "2022-10-04T00:00:19Z",
  "published": "2022-09-30T00:00:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27601"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bigbluebutton/bigbluebutton/commit/7dcdfb191373684bafa7b11cdd0128c9869040a1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bigbluebutton/bigbluebutton/compare/v2.2.6...v2.2.7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H238-V7R9-R6G7

Vulnerability from github – Published: 2023-09-18 21:30 – Updated: 2024-04-04 07:43
VLAI
Details

An information leak in Camp Style Project Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-39039"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-18T21:15:54Z",
    "severity": "MODERATE"
  },
  "details": "An information leak in Camp Style Project Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.",
  "id": "GHSA-h238-v7r9-r6g7",
  "modified": "2024-04-04T07:43:24Z",
  "published": "2023-09-18T21:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39039"
    },
    {
      "type": "WEB",
      "url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39039.md"
    },
    {
      "type": "WEB",
      "url": "http://camp.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H29M-QM63-F57F

Vulnerability from github – Published: 2023-07-28 09:30 – Updated: 2024-04-04 06:24
VLAI
Details

In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-3670"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-28T08:15:10Z",
    "severity": "HIGH"
  },
  "details": "In CODESYS Development System 3.5.9.0 to\u00a03.5.17.0 and\u00a0CODESYS Scripting\u00a04.0.0.0 to\u00a04.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users.",
  "id": "GHSA-h29m-qm63-f57f",
  "modified": "2024-04-04T06:24:57Z",
  "published": "2023-07-28T09:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3670"
    },
    {
      "type": "WEB",
      "url": "https://cert.vde.com/en/advisories/VDE-2023-024"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H32Q-4PPH-8PGM

Vulnerability from github – Published: 2024-12-10 15:32 – Updated: 2024-12-16 15:31
VLAI
Details

Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on A77, A78, A78C, A78AE, A710, V1, V2, V3, V3AE, X1, X1C, X2, X3, X4, N2, X925 & Travis may permit bypass of Stage-2 translation and/or GPT protection

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-5660"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-10T14:30:47Z",
    "severity": "CRITICAL"
  },
  "details": "Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on A77, A78, A78C, A78AE, A710, V1, V2, V3, V3AE, X1, X1C, X2, X3, X4, N2, X925 \u0026 Travis\u00a0may permit bypass of Stage-2 translation and/or GPT protection",
  "id": "GHSA-h32q-4pph-8pgm",
  "modified": "2024-12-16T15:31:34Z",
  "published": "2024-12-10T15:32:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5660"
    },
    {
      "type": "WEB",
      "url": "https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H3P7-G5CP-X5QF

Vulnerability from github – Published: 2022-10-07 18:15 – Updated: 2022-10-09 00:00
VLAI
Details

IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-30613"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-07T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366.",
  "id": "GHSA-h3p7-g5cp-x5qf",
  "modified": "2022-10-09T00:00:19Z",
  "published": "2022-10-07T18:15:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30613"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/227366"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6826693"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H4H4-7HV6-XJWJ

Vulnerability from github – Published: 2023-07-21 00:30 – Updated: 2024-04-04 06:18
VLAI
Details

eyoucms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custom_model_path/recruit.filelist.txt.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-37645"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-20T22:15:10Z",
    "severity": "MODERATE"
  },
  "details": "eyoucms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custom_model_path/recruit.filelist.txt.",
  "id": "GHSA-h4h4-7hv6-xjwj",
  "modified": "2024-04-04T06:18:14Z",
  "published": "2023-07-21T00:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37645"
    },
    {
      "type": "WEB",
      "url": "https://github.com/weng-xianhu/eyoucms/issues/50"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H4M3-GMCR-5VQW

Vulnerability from github – Published: 2022-05-24 17:42 – Updated: 2022-05-24 17:42
VLAI
Details

An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-27236"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668",
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-02-16T04:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution.",
  "id": "GHSA-h4m3-gmcr-5vqw",
  "modified": "2022-05-24T17:42:23Z",
  "published": "2022-05-24T17:42:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27236"
    },
    {
      "type": "WEB",
      "url": "https://www.mutare.com/security-adv-mutare-2021-001-mutare-voice"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.