Common Weakness Enumeration

CWE-863

Allowed-with-Review

Incorrect Authorization

Abstraction: Class · Status: Incomplete

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

5548 vulnerabilities reference this CWE, most recent first.

CVE-2024-41941 (GCVE-0-2024-41941)

Vulnerability from cvelistv5 – Published: 2024-08-13 07:54 – Updated: 2024-08-13 13:18
VLAI
Summary
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-863 - Incorrect Authorization
Assigner
Impacted products
Vendor Product Version
Siemens SINEC NMS Affected: 0 , < V3.0 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41941",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-13T13:06:14.340763Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-13T13:18:22.820Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SINEC NMS",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SINEC NMS (All versions \u003c V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-13T07:54:34.225Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-41941",
    "datePublished": "2024-08-13T07:54:34.225Z",
    "dateReserved": "2024-07-24T15:11:47.851Z",
    "dateUpdated": "2024-08-13T13:18:22.820Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-41939 (GCVE-0-2024-41939)

Vulnerability from cvelistv5 – Published: 2024-08-13 07:54 – Updated: 2024-08-13 14:21
VLAI
Summary
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and elevate their privileges on the application.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-863 - Incorrect Authorization
Assigner
Impacted products
Vendor Product Version
Siemens SINEC NMS Affected: 0 , < V3.0 (custom)
Create a notification for this product.
siemens sinec_nms Affected: 0 , < 3.0 (custom)
    cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sinec_nms",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "3.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41939",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-13T14:20:26.504156Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-13T14:21:41.360Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SINEC NMS",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SINEC NMS (All versions \u003c V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and elevate their privileges on the application."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-13T07:54:31.595Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-41939",
    "datePublished": "2024-08-13T07:54:31.595Z",
    "dateReserved": "2024-07-24T14:47:36.388Z",
    "dateUpdated": "2024-08-13T14:21:41.360Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-41670 (GCVE-0-2024-41670)

Vulnerability from cvelistv5 – Published: 2024-07-26 14:46 – Updated: 2024-08-02 04:46
VLAI
Title
PayPal Official Module for PrestaShop has Improperly Implemented Security Check for Standard
Summary
In the module "PayPal Official" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during the capture of a payment in case of disabled webhooks can be exploited to create an accepted order. This could allow a threat actor to confirm an order with a fraudulent payment support. Versions 6.4.2 and 3.18.1 contain a patch for the issue. Additionally, users enable webhooks and check they are callable.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
202ecommerce paypal Affected: < 6.4.2
Affected: < 3.18.1
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41670",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-26T15:56:46.794129Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-26T15:56:54.457Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:46:52.667Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/202ecommerce/paypal/security/advisories/GHSA-w3w3-j3mh-3354",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/202ecommerce/paypal/security/advisories/GHSA-w3w3-j3mh-3354"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "paypal",
          "vendor": "202ecommerce",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 6.4.2"
            },
            {
              "status": "affected",
              "version": "\u003c 3.18.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the module \"PayPal Official\" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during the capture of a payment in case of disabled webhooks can be exploited to create an accepted order. This could allow a threat actor to confirm an order with a fraudulent payment support. Versions 6.4.2 and 3.18.1 contain a patch for the issue. Additionally, users enable webhooks and check they are callable."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "CWE-285: Improper Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-26T14:46:14.226Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/202ecommerce/paypal/security/advisories/GHSA-w3w3-j3mh-3354",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/202ecommerce/paypal/security/advisories/GHSA-w3w3-j3mh-3354"
        }
      ],
      "source": {
        "advisory": "GHSA-w3w3-j3mh-3354",
        "discovery": "UNKNOWN"
      },
      "title": "PayPal Official Module for PrestaShop has Improperly Implemented Security Check for Standard"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-41670",
    "datePublished": "2024-07-26T14:46:14.226Z",
    "dateReserved": "2024-07-18T15:21:47.485Z",
    "dateUpdated": "2024-08-02T04:46:52.667Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-41140 (GCVE-0-2024-41140)

Vulnerability from cvelistv5 – Published: 2025-01-29 11:14 – Updated: 2025-02-12 19:51
VLAI
Title
Improper Authorization
Summary
Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the incorrect authorization in the update user function.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-863 - Incorrect Authorization
Assigner
Impacted products
Vendor Product Version
ManageEngine Applications Manager Affected: 0 , ≤ 174000 (174000)
Create a notification for this product.
Credits
maneesh
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41140",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-29T14:06:02.590376Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T19:51:14.429Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Applications Manager",
          "vendor": "ManageEngine",
          "versions": [
            {
              "lessThanOrEqual": "174000",
              "status": "affected",
              "version": "0",
              "versionType": "174000"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "maneesh"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Zohocorp ManageEngine Applications Manager versions\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e174000 and prior are vulnerable to the incorrect authorization in the update user function.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Zohocorp ManageEngine Applications Manager versions\u00a0174000 and prior are vulnerable to the incorrect authorization in the update user function."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863 Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-29T11:14:50.910Z",
        "orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
        "shortName": "ManageEngine"
      },
      "references": [
        {
          "url": "https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2024-41140.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Improper Authorization",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
    "assignerShortName": "ManageEngine",
    "cveId": "CVE-2024-41140",
    "datePublished": "2025-01-29T11:14:50.910Z",
    "dateReserved": "2024-07-16T07:03:21.743Z",
    "dateUpdated": "2025-02-12T19:51:14.429Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-41110 (GCVE-0-2024-41110)

Vulnerability from cvelistv5 – Published: 2024-07-24 16:49 – Updated: 2024-10-13 21:03
VLAI
Title
Moby authz zero length regression
Summary
Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The base likelihood of this being exploited is low. Using a specially-crafted API request, an Engine API client could make the daemon forward the request or response to an authorization plugin without the body. In certain circumstances, the authorization plugin may allow a request which it would have otherwise denied if the body had been forwarded to it. A security issue was discovered In 2018, where an attacker could bypass AuthZ plugins using a specially crafted API request. This could lead to unauthorized actions, including privilege escalation. Although this issue was fixed in Docker Engine v18.09.1 in January 2019, the fix was not carried forward to later major versions, resulting in a regression. Anyone who depends on authorization plugins that introspect the request and/or response body to make access control decisions is potentially impacted. Docker EE v19.03.x and all versions of Mirantis Container Runtime are not vulnerable. docker-ce v27.1.1 containes patches to fix the vulnerability. Patches have also been merged into the master, 19.03, 20.0, 23.0, 24.0, 25.0, 26.0, and 26.1 release branches. If one is unable to upgrade immediately, avoid using AuthZ plugins and/or restrict access to the Docker API to trusted parties, following the principle of least privilege.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-187 - Partial String Comparison
  • CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
  • CWE-863 - Incorrect Authorization
Assigner
Impacted products
Vendor Product Version
moby moby Affected: >= 19.03.0, <= 19.03.15
Affected: >= 20.0.0, <= 20.10.27
Affected: >= 23.0.0, <= 23.0.14
Affected: >= 24.0.0, <= 24.0.9
Affected: >= 25.0.0, <= 25.0.5
Affected: >= 26.0.0, <= 26.0.2
Affected: >= 26.1.0, <= 26.1.14
Affected: >= 27.0.0, <= 27.0.3
Affected: = 27.1.0
Create a notification for this product.
docker moby Affected: 19.0.0 , ≤ 19.03.15 (custom)
    cpe:2.3:a:docker:moby:19.0.0:*:*:*:*:*:*:*
Create a notification for this product.
docker moby Affected: 20.0.0 , ≤ 20.10.27 (custom)
    cpe:2.3:a:docker:moby:20.0.0:*:*:*:*:*:*:*
Create a notification for this product.
docker moby Affected: 23.0.0 , ≤ 23.0.14 (custom)
    cpe:2.3:a:docker:moby:23.0.0:*:*:*:*:*:*:*
Create a notification for this product.
docker moby Affected: 24.0.0 , ≤ 24.0.9 (custom)
    cpe:2.3:a:docker:moby:24.0.0:*:*:*:*:*:*:*
Create a notification for this product.
docker moby Affected: 25.0.0 , ≤ 25.0.5 (custom)
    cpe:2.3:a:docker:moby:25.0.0:*:*:*:*:*:*:*
Create a notification for this product.
docker moby Affected: 26.0.0 , ≤ 26.0.2 (custom)
    cpe:2.3:a:docker:moby:26.1.0:*:*:*:*:*:*:*
Create a notification for this product.
docker moby Affected: 26.1.0 , ≤ 26.1.14 (custom)
    cpe:2.3:a:docker:moby:27.0.0:*:*:*:*:*:*:*
Create a notification for this product.
docker moby Affected: 27.1.0
    cpe:2.3:a:docker:moby:27.1.0:*:*:*:*:*:*:*
Create a notification for this product.
docker moby Affected: 26.0.0 , ≤ 26.0.2 (custom)
    cpe:2.3:a:docker:moby:26.0.0:*:*:*:*:*:*:*
Create a notification for this product.
docker moby Affected: 26.1.0 , ≤ 26.1.14 (custom)
    cpe:2.3:a:docker:moby:26.1.0:*:*:*:*:*:*:*
Create a notification for this product.
docker moby Affected: 27.0.0 , ≤ 27.0.3 (custom)
    cpe:2.3:a:docker:moby:27.0.0:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:docker:moby:19.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "moby",
            "vendor": "docker",
            "versions": [
              {
                "lessThanOrEqual": "19.03.15",
                "status": "affected",
                "version": "19.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:docker:moby:20.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "moby",
            "vendor": "docker",
            "versions": [
              {
                "lessThanOrEqual": "20.10.27",
                "status": "affected",
                "version": "20.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:docker:moby:23.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "moby",
            "vendor": "docker",
            "versions": [
              {
                "lessThanOrEqual": "23.0.14",
                "status": "affected",
                "version": "23.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:docker:moby:24.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "moby",
            "vendor": "docker",
            "versions": [
              {
                "lessThanOrEqual": "24.0.9",
                "status": "affected",
                "version": "24.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:docker:moby:25.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "moby",
            "vendor": "docker",
            "versions": [
              {
                "lessThanOrEqual": "25.0.5",
                "status": "affected",
                "version": "25.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:docker:moby:26.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "moby",
            "vendor": "docker",
            "versions": [
              {
                "lessThanOrEqual": "26.0.2",
                "status": "affected",
                "version": "26.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:docker:moby:27.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "moby",
            "vendor": "docker",
            "versions": [
              {
                "lessThanOrEqual": "26.1.14",
                "status": "affected",
                "version": "26.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:docker:moby:27.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "moby",
            "vendor": "docker",
            "versions": [
              {
                "status": "affected",
                "version": "27.1.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:docker:moby:26.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "moby",
            "vendor": "docker",
            "versions": [
              {
                "lessThanOrEqual": "26.0.2",
                "status": "affected",
                "version": "26.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:docker:moby:26.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "moby",
            "vendor": "docker",
            "versions": [
              {
                "lessThanOrEqual": "26.1.14",
                "status": "affected",
                "version": "26.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:docker:moby:27.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "moby",
            "vendor": "docker",
            "versions": [
              {
                "lessThanOrEqual": "27.0.3",
                "status": "affected",
                "version": "27.0.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41110",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-26T03:55:30.375492Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-29T21:01:46.898Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-10-13T21:03:34.392Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq"
          },
          {
            "name": "https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191"
          },
          {
            "name": "https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76"
          },
          {
            "name": "https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919"
          },
          {
            "name": "https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b"
          },
          {
            "name": "https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0"
          },
          {
            "name": "https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1"
          },
          {
            "name": "https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00"
          },
          {
            "name": "https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f"
          },
          {
            "name": "https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801"
          },
          {
            "name": "https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb"
          },
          {
            "name": "https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20240802-0001/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00009.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "moby",
          "vendor": "moby",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 19.03.0, \u003c= 19.03.15"
            },
            {
              "status": "affected",
              "version": "\u003e= 20.0.0, \u003c= 20.10.27"
            },
            {
              "status": "affected",
              "version": "\u003e= 23.0.0, \u003c= 23.0.14"
            },
            {
              "status": "affected",
              "version": "\u003e= 24.0.0, \u003c= 24.0.9"
            },
            {
              "status": "affected",
              "version": "\u003e= 25.0.0, \u003c= 25.0.5"
            },
            {
              "status": "affected",
              "version": "\u003e= 26.0.0, \u003c= 26.0.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 26.1.0, \u003c= 26.1.14"
            },
            {
              "status": "affected",
              "version": "\u003e= 27.0.0, \u003c= 27.0.3"
            },
            {
              "status": "affected",
              "version": "= 27.1.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The base likelihood of this being exploited is low.\n\nUsing a specially-crafted API request, an Engine API client could make the daemon forward the request or response to an authorization plugin without the body. In certain circumstances, the authorization plugin may allow a request which it would have otherwise denied if the body had been forwarded to it.\n\nA security issue was discovered In 2018, where an attacker could bypass AuthZ plugins using a specially crafted API request. This could lead to unauthorized actions, including privilege escalation. Although this issue was fixed in Docker Engine v18.09.1 in January 2019, the fix was not carried forward to later major versions, resulting in a regression. Anyone who depends on authorization plugins that introspect the request and/or response body to make access control decisions is potentially impacted.\n\nDocker EE v19.03.x and all versions of Mirantis Container Runtime are not vulnerable.\n\ndocker-ce v27.1.1 containes patches to fix the vulnerability. Patches have also been merged into the master, 19.03, 20.0, 23.0, 24.0, 25.0, 26.0, and 26.1 release branches. If one is unable to upgrade immediately, avoid using AuthZ plugins and/or restrict access to the Docker API to trusted parties, following the principle of least privilege."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-187",
              "description": "CWE-187: Partial String Comparison",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-444",
              "description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-30T19:09:22.764Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq"
        },
        {
          "name": "https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191"
        },
        {
          "name": "https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76"
        },
        {
          "name": "https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919"
        },
        {
          "name": "https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b"
        },
        {
          "name": "https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0"
        },
        {
          "name": "https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1"
        },
        {
          "name": "https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00"
        },
        {
          "name": "https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f"
        },
        {
          "name": "https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801"
        },
        {
          "name": "https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb"
        },
        {
          "name": "https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin"
        }
      ],
      "source": {
        "advisory": "GHSA-v23v-6jw2-98fq",
        "discovery": "UNKNOWN"
      },
      "title": "Moby authz zero length regression"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-41110",
    "datePublished": "2024-07-24T16:49:53.068Z",
    "dateReserved": "2024-07-15T15:53:28.321Z",
    "dateUpdated": "2024-10-13T21:03:34.392Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-39905 (GCVE-0-2024-39905)

Vulnerability from cvelistv5 – Published: 2024-07-11 15:43 – Updated: 2024-08-02 04:33
VLAI
Title
Red-DiscordBot vulnerable to Incorrect Authorization in commands API
Summary
Red is a fully modular Discord bot. Due to a bug in Red's Core API, 3rd-party cogs using the `@commands.can_manage_channel()` command permission check without additional permission controls may authorize a user to run a command even when that user doesn't have permissions to manage a channel. None of the core commands or core cogs are affected. The maintainers of the project are not aware of any _public_ 3rd-party cog utilizing this API at the time of writing this advisory. The problem was patched and released in version 3.5.10.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-863 - Incorrect Authorization
Assigner
Impacted products
Vendor Product Version
Cog-Creators Red-DiscordBot Affected: >= 3.5.0, < 3.5.10
Create a notification for this product.
cogboard red_discord_bot Affected: 3.5.0 , < 3.5.10 (custom)
    cpe:2.3:a:cogboard:red_discord_bot:3.5.0:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cogboard:red_discord_bot:3.5.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "red_discord_bot",
            "vendor": "cogboard",
            "versions": [
              {
                "lessThan": "3.5.10",
                "status": "affected",
                "version": "3.5.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39905",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-12T18:05:25.225801Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-12T18:08:15.664Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:33:11.321Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/Cog-Creators/Red-DiscordBot/security/advisories/GHSA-5jq8-q6rj-9gq4",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/Cog-Creators/Red-DiscordBot/security/advisories/GHSA-5jq8-q6rj-9gq4"
          },
          {
            "name": "https://github.com/Cog-Creators/Red-DiscordBot/pull/6398",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Cog-Creators/Red-DiscordBot/pull/6398"
          },
          {
            "name": "https://github.com/Cog-Creators/Red-DiscordBot/commit/0b0b23b9717b40ed4f8715720b199417c8e89750",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Cog-Creators/Red-DiscordBot/commit/0b0b23b9717b40ed4f8715720b199417c8e89750"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Red-DiscordBot",
          "vendor": "Cog-Creators",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 3.5.0, \u003c 3.5.10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Red is a fully modular Discord bot. Due to a bug in Red\u0027s Core API, 3rd-party cogs using the `@commands.can_manage_channel()` command permission check without additional permission controls may authorize a user to run a command even when that user doesn\u0027t have permissions to manage a channel. None of the core commands or core cogs are affected. The maintainers of the project are not aware of any _public_ 3rd-party cog utilizing this API at the time of writing this advisory. The problem was patched and released in version 3.5.10."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-11T15:43:34.437Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/Cog-Creators/Red-DiscordBot/security/advisories/GHSA-5jq8-q6rj-9gq4",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Cog-Creators/Red-DiscordBot/security/advisories/GHSA-5jq8-q6rj-9gq4"
        },
        {
          "name": "https://github.com/Cog-Creators/Red-DiscordBot/pull/6398",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Cog-Creators/Red-DiscordBot/pull/6398"
        },
        {
          "name": "https://github.com/Cog-Creators/Red-DiscordBot/commit/0b0b23b9717b40ed4f8715720b199417c8e89750",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Cog-Creators/Red-DiscordBot/commit/0b0b23b9717b40ed4f8715720b199417c8e89750"
        }
      ],
      "source": {
        "advisory": "GHSA-5jq8-q6rj-9gq4",
        "discovery": "UNKNOWN"
      },
      "title": "Red-DiscordBot vulnerable to Incorrect Authorization in commands API"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-39905",
    "datePublished": "2024-07-11T15:43:34.437Z",
    "dateReserved": "2024-07-02T19:37:18.600Z",
    "dateUpdated": "2024-08-02T04:33:11.321Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-39871 (GCVE-0-2024-39871)

Vulnerability from cvelistv5 – Published: 2024-07-09 12:05 – Updated: 2025-08-27 20:42
VLAI
Summary
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly separate the rights to edit device settings and to edit settings for communication relations. This could allow an authenticated attacker with the permission to manage devices to gain access to participant groups that the attacked does not belong to.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-863 - Incorrect Authorization
Assigner
Impacted products
Vendor Product Version
Siemens SINEMA Remote Connect Server Affected: 0 , < V3.2 SP1 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39871",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-09T13:57:50.987645Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-27T20:42:57.056Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:33:11.389Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-381581.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SINEMA Remote Connect Server",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.2 SP1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V3.2 SP1). Affected applications do not properly separate the rights to edit device settings and to edit settings for communication relations. This could allow an authenticated attacker with the permission to manage devices to gain access to participant groups that the attacked does not belong to."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-09T12:05:27.689Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-381581.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-39871",
    "datePublished": "2024-07-09T12:05:27.689Z",
    "dateReserved": "2024-07-01T13:05:40.288Z",
    "dateUpdated": "2025-08-27T20:42:57.056Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-39696 (GCVE-0-2024-39696)

Vulnerability from cvelistv5 – Published: 2024-07-05 18:49 – Updated: 2024-08-02 04:26
VLAI
Title
Evmos vulnerable to exploit of smart contract account and vesting
Summary
Evmos is a decentralized Ethereum Virtual Machine chain on the Cosmos Network. Prior to version 19.0.0, a user can create a vesting account with a 3rd party account (EOA or contract) as funder. Then, this user can create an authorization for the contract.CallerAddress, this is the authorization checked in the code. But the funds are taken from the funder address provided in the message. Consequently, the user can fund a vesting account with a 3rd party account without its permission. The funder address can be any address, so this vulnerability can be used to drain all the accounts in the chain. The issue has been patched in version 19.0.0.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
Vendor Product Version
evmos evmos Affected: < 19.0.0
Create a notification for this product.
evmos evmos Affected: 0 , < 19.0.0 (custom)
    cpe:2.3:a:evmos:evmos:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:evmos:evmos:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "evmos",
            "vendor": "evmos",
            "versions": [
              {
                "lessThan": "19.0.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39696",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-07T13:57:09.223321Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-23T16:17:06.096Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:26:15.993Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/evmos/evmos/security/advisories/GHSA-q6hg-6m9x-5g9c",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/evmos/evmos/security/advisories/GHSA-q6hg-6m9x-5g9c"
          },
          {
            "name": "https://github.com/evmos/evmos/commit/0a620e176617a835ac697eea494afea09185dfaf",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/evmos/evmos/commit/0a620e176617a835ac697eea494afea09185dfaf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "evmos",
          "vendor": "evmos",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 19.0.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Evmos is a decentralized Ethereum Virtual Machine chain on the Cosmos Network. Prior to version 19.0.0, a user can create a vesting account with a 3rd party account (EOA or contract) as funder. Then, this user can create an authorization for the contract.CallerAddress, this is the authorization checked in the code. But the funds are taken from the funder address provided in the message. Consequently, the user can fund a vesting account with a 3rd party account without its permission. The funder address can be any address, so this vulnerability can be used to drain all the accounts in the chain. The issue has been patched in version 19.0.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-05T18:49:22.153Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/evmos/evmos/security/advisories/GHSA-q6hg-6m9x-5g9c",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/evmos/evmos/security/advisories/GHSA-q6hg-6m9x-5g9c"
        },
        {
          "name": "https://github.com/evmos/evmos/commit/0a620e176617a835ac697eea494afea09185dfaf",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/evmos/evmos/commit/0a620e176617a835ac697eea494afea09185dfaf"
        }
      ],
      "source": {
        "advisory": "GHSA-q6hg-6m9x-5g9c",
        "discovery": "UNKNOWN"
      },
      "title": "Evmos vulnerable to exploit of smart contract account and vesting"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-39696",
    "datePublished": "2024-07-05T18:49:22.153Z",
    "dateReserved": "2024-06-27T18:44:13.037Z",
    "dateUpdated": "2024-08-02T04:26:15.993Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-39690 (GCVE-0-2024-39690)

Vulnerability from cvelistv5 – Published: 2024-08-20 14:33 – Updated: 2025-08-14 13:32
VLAI
Title
Capsule tenant owner with "patch namespace" permission can hijack system namespaces
Summary
Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e., namespaces without the ownerReference field), thereby gaining control of that namespace. Version 0.7.1 contains a patch.
SSVC
Exploitation: poc Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
Vendor Product Version
projectcapsule capsule Affected: <= 0.7.0
Create a notification for this product.
clastix capsule Affected: 0 , ≤ 0.7.0 (custom)
    cpe:2.3:a:clastix:capsule:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:clastix:capsule:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "capsule",
            "vendor": "clastix",
            "versions": [
              {
                "lessThanOrEqual": "0.7.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39690",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-20T15:05:29.719635Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-20T15:08:08.489Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "capsule",
          "vendor": "projectcapsule",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 0.7.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e., namespaces without the ownerReference field), thereby gaining control of that namespace. Version 0.7.1 contains a patch."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-14T13:32:03.818Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/projectcapsule/capsule/security/advisories/GHSA-mq69-4j5w-3qwp",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/projectcapsule/capsule/security/advisories/GHSA-mq69-4j5w-3qwp"
        },
        {
          "name": "https://github.com/projectcapsule/capsule/commit/d620b0457ddec01616b8eab8512a10611611f584",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/projectcapsule/capsule/commit/d620b0457ddec01616b8eab8512a10611611f584"
        }
      ],
      "source": {
        "advisory": "GHSA-mq69-4j5w-3qwp",
        "discovery": "UNKNOWN"
      },
      "title": "Capsule tenant owner with \"patch namespace\" permission can hijack system namespaces"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-39690",
    "datePublished": "2024-08-20T14:33:24.518Z",
    "dateReserved": "2024-06-27T18:44:13.035Z",
    "dateUpdated": "2025-08-14T13:32:03.818Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-39352 (GCVE-0-2024-39352)

Vulnerability from cvelistv5 – Published: 2024-06-28 06:07 – Updated: 2024-08-02 04:26
VLAI
Summary
A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality. This allows remote authenticated users with administrator privileges to bypass firmware integrity check via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
Vendor Product Version
Synology Camera Firmware Affected: 1.0 , < 1.0.7-0298 (semver)
Create a notification for this product.
Credits
Romain JOUET (@JouetR), Baptiste MOINE (@Creased_) from Synacktiv (@Synacktiv) working with Trend Micro Zero Day Initiative
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39352",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-02T19:27:09.753998Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-02T19:27:16.374Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:26:14.272Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Synology-SA-23:15 Synology Camera (PWN2OWN 2023)",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_15"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Camera Firmware",
          "vendor": "Synology",
          "versions": [
            {
              "lessThan": "1.0.7-0298",
              "status": "affected",
              "version": "1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Romain JOUET (@JouetR), Baptiste MOINE (@Creased_) from Synacktiv (@Synacktiv) working with Trend Micro Zero Day Initiative"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality. This allows remote authenticated users with administrator privileges to bypass firmware integrity check via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-28T06:07:52.739Z",
        "orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
        "shortName": "synology"
      },
      "references": [
        {
          "name": "Synology-SA-23:15 Synology Camera (PWN2OWN 2023)",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_15"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
    "assignerShortName": "synology",
    "cveId": "CVE-2024-39352",
    "datePublished": "2024-06-28T06:07:52.739Z",
    "dateReserved": "2024-06-24T10:57:17.891Z",
    "dateUpdated": "2024-08-02T04:26:14.272Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Architecture and Design
  • Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
  • Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Architecture and Design

Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].

Mitigation MIT-4.4
Architecture and Design

Strategy: Libraries or Frameworks

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
Architecture and Design
  • For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
  • One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
System Configuration Installation

Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.

No CAPEC attack patterns related to this CWE.