CWE-863
Allowed-with-ReviewIncorrect Authorization
Abstraction: Class · Status: Incomplete
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
5548 vulnerabilities reference this CWE, most recent first.
CVE-2025-1418 (GCVE-0-2025-1418)
Vulnerability from cvelistv5 – Published: 2025-05-21 13:03 – Updated: 2025-05-21 13:26- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2025/05/CVE-2025-1415 | third-party-advisory |
| https://proget.pl/en/mobile-device-management/ | product |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-21T13:25:58.736936Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T13:26:07.661Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Proget",
"vendor": "Proget",
"versions": [
{
"lessThan": "2.17.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marcin W\u0119g\u0142owski (AFINE)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA low-privileged user can access information about profiles created in\u0026nbsp;Proget MDM (Mobile Device Management), which contain details about allowed/prohibited functions. The profiles do not reveal any sensitive information (including their usage in connected devices).\u0026nbsp; \u0026nbsp;\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue has been fixed in\u0026nbsp;2.17.5 version of\u0026nbsp;Konsola Proget (server part of the MDM suite).\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "A low-privileged user can access information about profiles created in\u00a0Proget MDM (Mobile Device Management), which contain details about allowed/prohibited functions. The profiles do not reveal any sensitive information (including their usage in connected devices).\u00a0 \u00a0\n\n\nThis issue has been fixed in\u00a02.17.5 version of\u00a0Konsola Proget (server part of the MDM suite)."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T13:23:22.901Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2025/05/CVE-2025-1415"
},
{
"tags": [
"product"
],
"url": "https://proget.pl/en/mobile-device-management/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information disclosure in Proget MDM",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2025-1418",
"datePublished": "2025-05-21T13:03:44.656Z",
"dateReserved": "2025-02-18T13:43:47.696Z",
"dateUpdated": "2025-05-21T13:26:07.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1417 (GCVE-0-2025-1417)
Vulnerability from cvelistv5 – Published: 2025-05-21 13:03 – Updated: 2025-05-21 13:30- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2025/05/CVE-2025-1415 | third-party-advisory |
| https://proget.pl/en/mobile-device-management/ | product |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1417",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-21T13:30:14.639469Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T13:30:21.030Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Proget",
"vendor": "Proget",
"versions": [
{
"lessThan": "2.17.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marcin W\u0119g\u0142owski (AFINE)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Proget MDM, a low-privileged user can access information about changes contained in backups of all devices managed by the MDM (Mobile Device Management). This information include user ids, email addresses, first names, last names and device UUIDs. The last one can be used for exploitation of CVE-2025-1416.\u003c/p\u003e\u003cp\u003eSuccessful exploitation requires UUID of a targeted backup, which cannot be brute forced.\u0026nbsp;\u003c/p\u003e\u003cp\u003eThis issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite).\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "In Proget MDM, a low-privileged user can access information about changes contained in backups of all devices managed by the MDM (Mobile Device Management). This information include user ids, email addresses, first names, last names and device UUIDs. The last one can be used for exploitation of CVE-2025-1416.\n\nSuccessful exploitation requires UUID of a targeted backup, which cannot be brute forced.\u00a0\n\nThis issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite)."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T13:23:11.375Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2025/05/CVE-2025-1415"
},
{
"tags": [
"product"
],
"url": "https://proget.pl/en/mobile-device-management/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information disclosure in Proget MDM",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2025-1417",
"datePublished": "2025-05-21T13:03:35.249Z",
"dateReserved": "2025-02-18T13:43:46.725Z",
"dateUpdated": "2025-05-21T13:30:21.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1416 (GCVE-0-2025-1416)
Vulnerability from cvelistv5 – Published: 2025-05-21 13:03 – Updated: 2025-05-21 13:31- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2025/05/CVE-2025-1415 | third-party-advisory |
| https://proget.pl/en/mobile-device-management/ | product |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1416",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-21T13:31:18.566757Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T13:31:23.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Proget",
"vendor": "Proget",
"versions": [
{
"lessThan": "2.17.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marcin W\u0119g\u0142owski (AFINE)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Proget MDM, a low-privileged user can retrieve passwords for managed devices and subsequently\u0026nbsp;use functionalities restricted by the MDM (Mobile Device Management). For it to happen, they must know the UUIDs of targetted devices, which might be obtained by exploiting\u0026nbsp;CVE-2025-1415 or\u0026nbsp;CVE-2025-1417.\u003c/p\u003e\u003cp\u003eThis issue has been fixed in\u0026nbsp;2.17.5 version of\u0026nbsp;Konsola Proget (server part of the MDM suite).\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "In Proget MDM, a low-privileged user can retrieve passwords for managed devices and subsequently\u00a0use functionalities restricted by the MDM (Mobile Device Management). For it to happen, they must know the UUIDs of targetted devices, which might be obtained by exploiting\u00a0CVE-2025-1415 or\u00a0CVE-2025-1417.\n\nThis issue has been fixed in\u00a02.17.5 version of\u00a0Konsola Proget (server part of the MDM suite)."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T13:22:59.694Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2025/05/CVE-2025-1415"
},
{
"tags": [
"product"
],
"url": "https://proget.pl/en/mobile-device-management/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Password disclosure in Proget MDM",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2025-1416",
"datePublished": "2025-05-21T13:03:07.286Z",
"dateReserved": "2025-02-18T13:43:45.787Z",
"dateUpdated": "2025-05-21T13:31:23.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1415 (GCVE-0-2025-1415)
Vulnerability from cvelistv5 – Published: 2025-05-21 10:38 – Updated: 2025-05-21 13:31- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2025/05/CVE-2025-1415 | third-party-advisory |
| https://proget.pl/en/mobile-device-management/ | product |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1415",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-21T13:31:51.431659Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T13:31:57.667Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Proget",
"vendor": "Proget",
"versions": [
{
"lessThan": "2.17.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marcin W\u0119g\u0142owski (AFINE)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eA low-privileged user is able to obtain information about tasks executed on devices controlled by Proget MDM (Mobile Device Management), as well as details of the devices like their UUIDs needed for exploitation of CVE-2025-1416.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eIn order to perform the attack, one has to know a task_id, but since it\u0027s a low integer and there is no limit of requests an attacker can perform to a vulnerable endpoint, the task_id might be simply brute forced.\u003cbr\u003e\u003cbr\u003eThis issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite).\u003cbr\u003e\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "A low-privileged user is able to obtain information about tasks executed on devices controlled by Proget MDM (Mobile Device Management), as well as details of the devices like their UUIDs needed for exploitation of CVE-2025-1416.\n\nIn order to perform the attack, one has to know a task_id, but since it\u0027s a low integer and there is no limit of requests an attacker can perform to a vulnerable endpoint, the task_id might be simply brute forced.\n\nThis issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite)."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T13:22:37.392Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2025/05/CVE-2025-1415"
},
{
"tags": [
"product"
],
"url": "https://proget.pl/en/mobile-device-management/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information disclosure in Proget MDM",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2025-1415",
"datePublished": "2025-05-21T10:38:05.794Z",
"dateReserved": "2025-02-18T13:43:44.580Z",
"dateUpdated": "2025-05-21T13:31:57.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1214 (GCVE-0-2025-1214)
Vulnerability from cvelistv5 – Published: 2025-02-12 18:00 – Updated: 2025-02-12 19:41| URL | Tags |
|---|---|
| https://vuldb.com/?id.295173 | vdb-entry |
| https://vuldb.com/?ctiid.295173 | signaturepermissions-required |
| https://vuldb.com/?submit.497533 | third-party-advisory |
| https://github.com/janssensjelle/published-pocs/b… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| pihome-shc | PiHome |
Affected:
2.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1214",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T19:41:46.235876Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T19:41:53.328Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/janssensjelle/published-pocs/blob/main/pihomehvac-improper-access-control.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Role-Based Access Control"
],
"product": "PiHome",
"vendor": "pihome-shc",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Jelle Janssens (VulDB User)"
},
{
"lang": "en",
"type": "analyst",
"value": "Jelle Janssens (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in pihome-shc PiHome 2.0. This affects an unknown part of the file /user_accounts.php?uid of the component Role-Based Access Control. The manipulation leads to missing authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in pihome-shc PiHome 2.0 entdeckt. Sie wurde als kritisch eingestuft. Dabei betrifft es einen unbekannter Codeteil der Datei /user_accounts.php?uid der Komponente Role-Based Access Control. Durch Beeinflussen mit unbekannten Daten kann eine missing authorization-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T18:00:11.965Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-295173 | pihome-shc PiHome Role-Based Access Control user_accounts.php authorization",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.295173"
},
{
"name": "VDB-295173 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.295173"
},
{
"name": "Submit #497533 | pihome-shc PiHome HVAC 2.0 Missing Authorization",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.497533"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/janssensjelle/published-pocs/blob/main/pihomehvac-improper-access-control.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-02-10T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-02-11T10:33:19.000Z",
"value": "VulDB entry last update"
}
],
"title": "pihome-shc PiHome Role-Based Access Control user_accounts.php authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-1214",
"datePublished": "2025-02-12T18:00:11.965Z",
"dateReserved": "2025-02-10T22:45:16.169Z",
"dateUpdated": "2025-02-12T19:41:53.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0937 (GCVE-0-2025-0937)
Vulnerability from cvelistv5 – Published: 2025-02-12 18:59 – Updated: 2025-02-12 19:32- CWE-863 - Incorrect Authorization
| Vendor | Product | Version | |
|---|---|---|---|
| HashiCorp | Nomad |
Affected:
1.0.0 , < 1.9.6
(semver)
|
|
| HashiCorp | Nomad Enterprise |
Affected:
1.0.0 , < 1.9.6
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0937",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T19:32:44.227668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T19:32:54.537Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"64 bit",
"32 bit",
"x86",
"ARM",
"MacOS",
"Windows",
"Linux"
],
"product": "Nomad",
"repo": "https://github.com/hashicorp/nomad",
"vendor": "HashiCorp",
"versions": [
{
"lessThan": "1.9.6",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"64 bit",
"32 bit",
"x86",
"ARM",
"MacOS",
"Windows",
"Linux"
],
"product": "Nomad Enterprise",
"repo": "https://github.com/hashicorp/nomad",
"vendor": "HashiCorp",
"versions": [
{
"changes": [
{
"at": "1.8.10",
"status": "unaffected"
},
{
"at": "1.7.18",
"status": "unaffected"
}
],
"lessThan": "1.9.6",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eNomad Community and Nomad Enterprise (\"Nomad\") event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces.\u003c/p\u003e\u003cbr/\u003e"
}
],
"value": "Nomad Community and Nomad Enterprise (\"Nomad\") event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233: Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T18:59:25.011Z",
"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"shortName": "HashiCorp"
},
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2025-02-nomad-vulnerable-to-event-stream-namespace-acl-policy-bypass-through-wildcard-namespace/73191"
}
],
"source": {
"advisory": "HCSEC-2025-02",
"discovery": "INTERNAL"
},
"title": "Nomad Vulnerable To Event Stream Namespace ACL Policy Bypass Through Wildcard Namespace"
}
},
"cveMetadata": {
"assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"assignerShortName": "HashiCorp",
"cveId": "CVE-2025-0937",
"datePublished": "2025-02-12T18:59:25.011Z",
"dateReserved": "2025-01-31T17:42:01.531Z",
"dateUpdated": "2025-02-12T19:32:54.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0885 (GCVE-0-2025-0885)
Vulnerability from cvelistv5 – Published: 2025-07-03 09:54 – Updated: 2025-07-03 13:17- CWE-863 - Incorrect Authorization
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0885",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-03T13:09:48.792004Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T13:17:25.834Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GroupWise",
"vendor": "OpenText\u2122",
"versions": [
{
"lessThanOrEqual": "17.5",
"status": "affected",
"version": "7",
"versionType": "custom"
},
{
"status": "affected",
"version": "23.4"
},
{
"status": "affected",
"version": "24.1"
},
{
"status": "affected",
"version": "24.2"
},
{
"status": "affected",
"version": "24.3"
},
{
"status": "affected",
"version": "24.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Authorization vulnerability in OpenText\u2122 GroupWise allows Exploiting Incorrectly Configured Access Control Security Levels.\n\nThe vulnerability could \u003ca target=\"_blank\" rel=\"nofollow\"\u003eallow unauthorized access to calendar items marked private.\u003c/a\u003e\n\n\u003cp\u003eThis issue affects GroupWise versions 7 through 17.5, 23.4, 24.1, 24.2, 24.3, 24.4.\u003c/p\u003e"
}
],
"value": "Incorrect Authorization vulnerability in OpenText\u2122 GroupWise allows Exploiting Incorrectly Configured Access Control Security Levels.\n\nThe vulnerability could allow unauthorized access to calendar items marked private.\n\nThis issue affects GroupWise versions 7 through 17.5, 23.4, 24.1, 24.2, 24.3, 24.4."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "AUTOMATIC",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 1.8,
"baseSeverity": "LOW",
"privilegesRequired": "HIGH",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/S:P/AU:Y/R:A/V:D/RE:L/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T09:54:20.856Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "OpenText"
},
"references": [
{
"url": "https://portal.microfocus.com/s/article/KM000041560?language=en_US"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://portal.microfocus.com/s/article/KM000041560?language=en_US\"\u003eSecurity Alert - Incorrect Authorization vulnerability has been discovered in OpenText\u2122 GroupWise.\u003c/a\u003e\n\n\u003cbr\u003e"
}
],
"value": "Security Alert - Incorrect Authorization vulnerability has been discovered in OpenText\u2122 GroupWise. https://portal.microfocus.com/s/article/KM000041560"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incorrect Authorization vulnerability affects OpenText\u2122 GroupWise",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "OpenText",
"cveId": "CVE-2025-0885",
"datePublished": "2025-07-03T09:54:20.856Z",
"dateReserved": "2025-01-30T15:23:28.138Z",
"dateUpdated": "2025-07-03T13:17:25.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0781 (GCVE-0-2025-0781)
Vulnerability from cvelistv5 – Published: 2025-01-28 16:34 – Updated: 2025-02-12 20:01- CWE-863 - Incorrect Authorization
| Vendor | Product | Version | |
|---|---|---|---|
| FlightGear | SimGear |
Affected:
0 , ≤ 2020.3.19
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-01-29T22:02:34.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00028.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00029.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0781",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T17:02:59.957883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:01:11.702Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SimGear",
"vendor": "FlightGear",
"versions": [
{
"lessThanOrEqual": "2020.3.19",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Florent Rougon"
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T16:34:21.881Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://gitlab.com/flightgear/simgear/-/commit/5bb023647114267141a7610e8f1ca7d6f4f5a5a8"
},
{
"url": "https://gitlab.com/flightgear/flightgear/-/commit/ad37afce28083fad7f79467b3ffdead753584358"
},
{
"name": "GitLab Issue #3025",
"tags": [
"issue-tracking",
"permissions-required"
],
"url": "https://gitlab.com/flightgear/flightgear/-/issues/3025"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FlightGear version 2020.3.20 or 2024.1.1."
}
],
"title": "Incorrect Authorization in SimGear"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2025-0781",
"datePublished": "2025-01-28T16:34:21.881Z",
"dateReserved": "2025-01-28T13:04:32.712Z",
"dateUpdated": "2025-02-12T20:01:11.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0765 (GCVE-0-2025-0765)
Vulnerability from cvelistv5 – Published: 2025-07-24 06:33 – Updated: 2025-07-24 13:36- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://gitlab.com/gitlab-org/gitlab/-/issues/515381 | issue-trackingpermissions-required |
| https://hackerone.com/reports/2956315 | technical-descriptionexploitpermissions-required |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0765",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-24T13:09:53.141107Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-24T13:36:22.397Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.0.5",
"status": "affected",
"version": "17.9",
"versionType": "semver"
},
{
"lessThan": "18.1.3",
"status": "affected",
"version": "18.1",
"versionType": "semver"
},
{
"lessThan": "18.2.1",
"status": "affected",
"version": "18.2",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [iamgk808](https://hackerone.com/iamgk808) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed an unauthorized user to access custom service desk email addresses."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-24T06:33:38.009Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #515381",
"tags": [
"issue-tracking",
"permissions-required"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/515381"
},
{
"name": "HackerOne Bug Bounty Report #2956315",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2956315"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.0.5, 18.1.3, 18.2.1 or above."
}
],
"title": "Incorrect Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2025-0765",
"datePublished": "2025-07-24T06:33:38.009Z",
"dateReserved": "2025-01-28T00:02:31.496Z",
"dateUpdated": "2025-07-24T13:36:22.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0652 (GCVE-0-2025-0652)
Vulnerability from cvelistv5 – Published: 2025-03-13 05:55 – Updated: 2025-03-14 18:04- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://gitlab.com/gitlab-org/gitlab/-/issues/514532 | issue-trackingpermissions-required |
| https://hackerone.com/reports/2947863 | technical-descriptionexploitpermissions-required |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0652",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-14T18:04:17.187518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-14T18:04:47.874Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "17.7.7",
"status": "affected",
"version": "16.9",
"versionType": "semver"
},
{
"lessThan": "17.8.5",
"status": "affected",
"version": "17.8",
"versionType": "semver"
},
{
"lessThan": "17.9.2",
"status": "affected",
"version": "17.9",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [foxribeye](https://hackerone.com/foxribeye) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab EE/CE affecting all versions starting from 16.9 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2 could allow unauthorized users to access confidential information intended for internal use only."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T05:55:59.744Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #514532",
"tags": [
"issue-tracking",
"permissions-required"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/514532"
},
{
"name": "HackerOne Bug Bounty Report #2947863",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2947863"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 17.7.7, 17.8.5, 17.9.2."
}
],
"title": "Incorrect Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2025-0652",
"datePublished": "2025-03-13T05:55:59.744Z",
"dateReserved": "2025-01-22T16:01:54.566Z",
"dateUpdated": "2025-03-14T18:04:47.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation MIT-4.4
Strategy: Libraries or Frameworks
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
No CAPEC attack patterns related to this CWE.