CWE-863
Allowed-with-ReviewIncorrect Authorization
Abstraction: Class · Status: Incomplete
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
5556 vulnerabilities reference this CWE, most recent first.
CVE-2024-8001 (GCVE-0-2024-8001)
Vulnerability from cvelistv5 – Published: 2024-11-13 09:47 – Updated: 2025-01-09 16:32| URL | Tags |
|---|---|
| https://vuldb.com/?id.284352 | vdb-entry |
| https://vuldb.com/?ctiid.284352 | signaturepermissions-required |
| https://www.scip.ch/?news.20241203 | related |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:viwis:lms:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lms",
"vendor": "viwis",
"versions": [
{
"status": "affected",
"version": "9.11"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8001",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T14:50:49.767422Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T16:32:53.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Print Handler"
],
"product": "LMS",
"vendor": "VIWIS",
"versions": [
{
"status": "affected",
"version": "9.11"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ralph Meier"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in VIWIS LMS 9.11. It has been classified as critical. Affected is an unknown function of the component Print Handler. The manipulation leads to missing authorization. It is possible to launch the attack remotely. A user with the role learner can use the administrative print function with an active session before and after an exam slot to access the entire exam including solutions in the web application. It is recommended to apply a patch to fix this issue."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in VIWIS LMS 9.11 ausgemacht. Es geht dabei um eine nicht klar definierte Funktion der Komponente Print Handler. Mit der Manipulation mit unbekannten Daten kann eine missing authorization-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T06:49:21.233Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-284352 | VIWIS LMS Print authorization",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.284352"
},
{
"name": "VDB-284352 | CTI Indicators (IOB, IOC)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.284352"
},
{
"tags": [
"related"
],
"url": "https://www.scip.ch/?news.20241203"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-13T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-11-13T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-01-08T07:54:08.000Z",
"value": "VulDB entry last update"
}
],
"title": "VIWIS LMS Print authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-8001",
"datePublished": "2024-11-13T09:47:38.973Z",
"dateReserved": "2024-08-20T08:04:18.419Z",
"dateUpdated": "2025-01-09T16:32:53.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7915 (GCVE-0-2024-7915)
Vulnerability from cvelistv5 – Published: 2024-11-25 17:45 – Updated: 2024-11-25 18:43- CWE-863 - Incorrect Authorization
| Vendor | Product | Version | |
|---|---|---|---|
| Sensei | Sensei Mac Cleaner |
Affected:
0 , ≤ 1.5.10 (110)
(semver)
|
|
| sensei | sensei_mac_cleaner |
Affected:
0 , ≤ 2.5.10
(semver)
cpe:2.3:a:sensei:sensei_mac_cleaner:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:sensei:sensei_mac_cleaner:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sensei_mac_cleaner",
"vendor": "sensei",
"versions": [
{
"lessThanOrEqual": "2.5.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7915",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T18:42:50.497923Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T18:43:52.579Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cindori.com/sensei",
"defaultStatus": "unaffected",
"modules": [
"org.cindori.SenseiHelper"
],
"packageName": "Sensei Mac Cleaner",
"platforms": [
"MacOS"
],
"product": "Sensei Mac Cleaner",
"vendor": "Sensei",
"versions": [
{
"lessThanOrEqual": "1.5.10 (110)",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Carlos Garrido of Pentraze Cybersecurity"
}
],
"datePublic": "2024-11-25T17:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctt\u003e\n\n\u003cdiv\u003e\u003cdiv\u003eThe application Sensei Mac Cleaner contains a local privilege escalation vulnerability, allowing an attacker to perform multiple operations as the root\u0026nbsp;user. These operations include arbitrary file deletion and writing, loading and unloading daemons, manipulating file permissions, and loading extensions, among other actions.\u003c/div\u003e\u003cbr\u003e\u003cdiv\u003eThe vulnerable module\u0026nbsp;\u003cb\u003eorg.cindori.SenseiHelper\u003c/b\u003e\u0026nbsp;can be contacted via XPC. While the module performs client validation, it relies on the client\u0027s \u003cb\u003ePID\u003c/b\u003e\u0026nbsp;obtained through the public \u003cb\u003eprocessIdentifier\u003c/b\u003e\u0026nbsp;property of the \u003cb\u003eNSXPCConnection\u003c/b\u003e\u0026nbsp;class. This approach makes the module susceptible to a PID Reuse Attack, enabling an attacker to impersonate a legitimate client and send crafted XPC messages to invoke arbitrary methods exposed by the \u003cb\u003eHelperProtocol\u003c/b\u003e\u0026nbsp;interface.\u003c/div\u003e\u003c/div\u003e\n\n\u003cbr\u003e\u003c/tt\u003e"
}
],
"value": "The application Sensei Mac Cleaner contains a local privilege escalation vulnerability, allowing an attacker to perform multiple operations as the root\u00a0user. These operations include arbitrary file deletion and writing, loading and unloading daemons, manipulating file permissions, and loading extensions, among other actions.\n\n\nThe vulnerable module\u00a0org.cindori.SenseiHelper\u00a0can be contacted via XPC. While the module performs client validation, it relies on the client\u0027s PID\u00a0obtained through the public processIdentifier\u00a0property of the NSXPCConnection\u00a0class. This approach makes the module susceptible to a PID Reuse Attack, enabling an attacker to impersonate a legitimate client and send crafted XPC messages to invoke arbitrary methods exposed by the HelperProtocol\u00a0interface."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T17:45:39.978Z",
"orgId": "41c37e40-543d-43a2-b660-2fee83ea851a",
"shortName": "Pentraze"
},
"references": [
{
"url": "https://pentraze.com/vulnerability-reports"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "macOS Sensei Mac Cleaner Local Privilege Escalation via PID Reuse - Race Condition Attack",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "41c37e40-543d-43a2-b660-2fee83ea851a",
"assignerShortName": "Pentraze",
"cveId": "CVE-2024-7915",
"datePublished": "2024-11-25T17:45:39.978Z",
"dateReserved": "2024-08-18T02:59:02.835Z",
"dateUpdated": "2024-11-25T18:43:52.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7836 (GCVE-0-2024-7836)
Vulnerability from cvelistv5 – Published: 2024-08-22 02:02 – Updated: 2026-04-08 16:45- CWE-863 - Incorrect Authorization
| Vendor | Product | Version | |
|---|---|---|---|
| themifyme | Themify Builder |
Affected:
0 , ≤ 7.6.1
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7836",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T14:27:54.612316Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T14:28:06.284Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Themify Builder",
"vendor": "themifyme",
"versions": [
{
"lessThanOrEqual": "7.6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Thaleikis"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Themify Builder plugin for WordPress is vulnerable to unauthorized post duplication due to missing checks on the duplicate_page_ajaxify function in all versions up to, and including, 7.6.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to duplicate and view private or draft posts created by other users that otherwise shouldn\u0027t be accessible to them."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:45:12.472Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/31dfc46c-a673-41f1-b701-aa832f004ebc?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/themify-builder/tags/7.6.1/classes/class-builder-duplicate-page.php#L41"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-09T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2024-08-21T12:05:35.000Z",
"value": "Disclosed"
}
],
"title": "Themify Builder \u003c= 7.6.1 - Missing Authorization to Authenticated (Contributor+) Post Duplication"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-7836",
"datePublished": "2024-08-22T02:02:03.277Z",
"dateReserved": "2024-08-15T11:22:24.452Z",
"dateUpdated": "2026-04-08T16:45:12.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-7711 (GCVE-0-2024-7711)
Vulnerability from cvelistv5 – Published: 2024-08-20 19:17 – Updated: 2024-08-20 19:46- CWE-863 - Incorrect Authorization
| Vendor | Product | Version | |
|---|---|---|---|
| GitHub | GitHub Enterprise Server |
Affected:
3.11.0 , ≤ 3.11.13
(semver)
Affected: 3.12.0 , ≤ 3.12.7 (semver) Affected: 3.13.0 , ≤ 3.13.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7711",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-20T19:46:19.440056Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T19:46:55.283Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "GitHub Enterprise Server",
"vendor": "GitHub",
"versions": [
{
"changes": [
{
"at": "3.11.14",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.11.13",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.12.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.12.7",
"status": "affected",
"version": "3.12.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.13.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.13.2",
"status": "affected",
"version": "3.13.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ahacker1"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server, allowing an attacker to update the title, assignees, and labels of any issue inside a public repository. This was only exploitable inside a public repository. This vulnerability affected GitHub Enterprise Server versions before 3.14 and was fixed in versions 3.13.3, 3.12.8, and 3.11.14. Versions 3.10 of GitHub Enterprise Server are not affected. This vulnerability was reported via the GitHub Bug Bounty program."
}
],
"value": "An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server, allowing an attacker to update the title, assignees, and labels of any issue inside a public repository. This was only exploitable inside a public repository. This vulnerability affected GitHub Enterprise Server versions before 3.14 and was fixed in versions 3.13.3, 3.12.8, and 3.11.14. Versions 3.10 of GitHub Enterprise Server are not affected. This vulnerability was reported via the GitHub Bug Bounty program."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/S:N/AU:Y/R:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T19:17:37.776Z",
"orgId": "82327ea3-741d-41e4-88f8-2cf9e791e760",
"shortName": "GitHub_P"
},
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.3"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.8"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.14"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "82327ea3-741d-41e4-88f8-2cf9e791e760",
"assignerShortName": "GitHub_P",
"cveId": "CVE-2024-7711",
"datePublished": "2024-08-20T19:17:37.776Z",
"dateReserved": "2024-08-12T18:11:15.883Z",
"dateUpdated": "2024-08-20T19:46:55.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7604 (GCVE-0-2024-7604)
Vulnerability from cvelistv5 – Published: 2024-08-21 16:06 – Updated: 2024-08-21 19:55- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://support.logsign.net/hc/en-us/articles/206… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Logsign | Unified SecOps Platform |
Affected:
6.4.20
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T19:55:20.450765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T19:55:29.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Unified SecOps Platform",
"vendor": "Logsign",
"versions": [
{
"status": "affected",
"version": "6.4.20"
}
]
}
],
"dateAssigned": "2024-08-08T00:17:05.089Z",
"datePublic": "2024-08-08T19:44:34.307Z",
"descriptions": [
{
"lang": "en",
"value": "Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of the user\u0027s license expiration date. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25029."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T16:06:17.339Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1104",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1104/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://support.logsign.net/hc/en-us/articles/20617133769362-06-08-2024-Version-6-4-23-Release-Notes"
}
],
"source": {
"lang": "en",
"value": "Smile Thanapattheerakul of Trend Micro"
},
"title": "Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-7604",
"datePublished": "2024-08-21T16:06:17.339Z",
"dateReserved": "2024-08-08T00:17:05.055Z",
"dateUpdated": "2024-08-21T19:55:29.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7457 (GCVE-0-2024-7457)
Vulnerability from cvelistv5 – Published: 2025-06-10 23:19 – Updated: 2025-06-11 13:52- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://pentraze.com/ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7457",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-11T13:52:10.272705Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T13:52:22.705Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://stash.ws/",
"defaultStatus": "unaffected",
"packageName": "ws.stash.app.mac.daemon.helper",
"platforms": [
"MacOS"
],
"product": "Stash",
"vendor": "Stash",
"versions": [
{
"lessThanOrEqual": "build 303",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Carlos Garrido of Pentraze Cybersecurity"
}
],
"datePublic": "2025-06-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\nThe \u003ccode\u003ews.stash.app.mac.daemon.helper\u003c/code\u003e tool contains a vulnerability caused by an incorrect use of macOS\u2019s authorization model. Instead of validating the client\u0027s authorization reference, the helper invokes \u003ccode\u003eAuthorizationCopyRights()\u003c/code\u003e using its own privileged context (\u003ccode\u003eroot\u003c/code\u003e), effectively authorizing itself rather than the client. As a result, it grants the \u003ccode\u003esystem.preferences.admin\u003c/code\u003e right internally, regardless of the requesting client\u0027s privileges. This flawed logic allows unprivileged clients to invoke privileged operations via XPC, including unauthorized changes to system-wide network preferences such as SOCKS, HTTP, and HTTPS proxy settings. The absence of proper code-signing checks further enables arbitrary processes to exploit this flaw, leading to man-in-the-middle (MITM) attacks through traffic redirection.\n\n\u003c/p\u003e"
}
],
"value": "The ws.stash.app.mac.daemon.helper tool contains a vulnerability caused by an incorrect use of macOS\u2019s authorization model. Instead of validating the client\u0027s authorization reference, the helper invokes AuthorizationCopyRights() using its own privileged context (root), effectively authorizing itself rather than the client. As a result, it grants the system.preferences.admin right internally, regardless of the requesting client\u0027s privileges. This flawed logic allows unprivileged clients to invoke privileged operations via XPC, including unauthorized changes to system-wide network preferences such as SOCKS, HTTP, and HTTPS proxy settings. The absence of proper code-signing checks further enables arbitrary processes to exploit this flaw, leading to man-in-the-middle (MITM) attacks through traffic redirection."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-10T23:19:47.186Z",
"orgId": "41c37e40-543d-43a2-b660-2fee83ea851a",
"shortName": "Pentraze"
},
"references": [
{
"url": "https://pentraze.com/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "macOS Stash network-management utility: Unauthorized Manipulation of System Network Preferences",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "41c37e40-543d-43a2-b660-2fee83ea851a",
"assignerShortName": "Pentraze",
"cveId": "CVE-2024-7457",
"datePublished": "2025-06-10T23:19:47.186Z",
"dateReserved": "2024-08-04T02:47:51.335Z",
"dateUpdated": "2025-06-11T13:52:22.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7296 (GCVE-0-2024-7296)
Vulnerability from cvelistv5 – Published: 2025-03-13 06:00 – Updated: 2025-03-14 13:43- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://gitlab.com/gitlab-org/gitlab/-/issues/475056 | issue-trackingpermissions-required |
| https://hackerone.com/reports/2602274 | technical-descriptionexploitpermissions-required |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7296",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-14T13:43:26.839368Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-14T13:43:35.011Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "17.7.7",
"status": "affected",
"version": "16.5",
"versionType": "semver"
},
{
"lessThan": "17.8.5",
"status": "affected",
"version": "17.8",
"versionType": "semver"
},
{
"lessThan": "17.9.2",
"status": "affected",
"version": "17.9",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [ashish_r_padelkar](https://hackerone.com/ashish_r_padelkar) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GitLab EE affecting all versions from 16.5 prior to 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2 which allowed a user with a custom permission to approve pending membership requests beyond the maximum number of allowed users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T06:00:54.415Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #475056",
"tags": [
"issue-tracking",
"permissions-required"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/475056"
},
{
"name": "HackerOne Bug Bounty Report #2602274",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2602274"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 17.7.7, 17.8.5, 17.9.2 or above."
}
],
"title": "Incorrect Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2024-7296",
"datePublished": "2025-03-13T06:00:54.415Z",
"dateReserved": "2024-07-30T15:02:08.453Z",
"dateUpdated": "2025-03-14T13:43:35.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7266 (GCVE-0-2024-7266)
Vulnerability from cvelistv5 – Published: 2024-08-07 10:58 – Updated: 2025-03-25 14:31- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2024/08/CVE-2024-7265/ | third-party-advisory |
| https://cert.pl/posts/2024/08/CVE-2024-7265/ | third-party-advisory |
| https://www.gov.pl/web/ezd-rp | product |
| Vendor | Product | Version | |
|---|---|---|---|
| Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy | EZD RP |
Affected:
15 , < 15.84
(custom)
Affected: 16 , < 16.15 (custom) Affected: 17 , < 17.2 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7266",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:08:19.371640Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T14:31:55.797Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EZD RP",
"vendor": "Naukowa i Akademicka Sie\u0107 Komputerowa - Pa\u0144stwowy Instytut Badawczy",
"versions": [
{
"lessThan": "15.84",
"status": "affected",
"version": "15",
"versionType": "custom"
},
{
"lessThan": "16.15",
"status": "affected",
"version": "16",
"versionType": "custom"
},
{
"lessThan": "17.2",
"status": "affected",
"version": "17",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jakub P\u0142atek (NASK-PIB)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect User Management vulnerability in Naukowa i Akademicka Sie\u0107 Komputerowa - Pa\u0144stwowy Instytut Badawczy EZD RP allows logged-in user to list all users in the system, including those from other organizations.\u0026nbsp;\u003cp\u003eThis issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2.\u003c/p\u003e"
}
],
"value": "Incorrect User Management vulnerability in Naukowa i Akademicka Sie\u0107 Komputerowa - Pa\u0144stwowy Instytut Badawczy EZD RP allows logged-in user to list all users in the system, including those from other organizations.\u00a0This issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/R:A/V:D/RE:L/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T08:35:13.469Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2024/08/CVE-2024-7265/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2024/08/CVE-2024-7265/"
},
{
"tags": [
"product"
],
"url": "https://www.gov.pl/web/ezd-rp"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Users listing in EZD RP",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-7266",
"datePublished": "2024-08-07T10:58:47.839Z",
"dateReserved": "2024-07-30T08:43:02.704Z",
"dateUpdated": "2025-03-25T14:31:55.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7265 (GCVE-0-2024-7265)
Vulnerability from cvelistv5 – Published: 2024-08-07 10:58 – Updated: 2025-03-17 08:34- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2024/08/CVE-2024-7265/ | third-party-advisory |
| https://cert.pl/posts/2024/08/CVE-2024-7265/ | third-party-advisory |
| https://www.gov.pl/web/ezd-rp | product |
| Vendor | Product | Version | |
|---|---|---|---|
| Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy | EZD RP |
Affected:
15 , < 15.84
(custom)
Affected: 16 , < 16.15 (custom) Affected: 17 , < 17.2 (custom) |
|
| nask-pib | ezd_rp |
Affected:
15 , < 15.84
(custom)
Affected: 16 , < 16.15 (custom) Affected: 17 , < 17.2 (custom) cpe:2.3:a:nask-pib:ezd_rp:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:nask-pib:ezd_rp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ezd_rp",
"vendor": "nask-pib",
"versions": [
{
"lessThan": "15.84",
"status": "affected",
"version": "15",
"versionType": "custom"
},
{
"lessThan": "16.15",
"status": "affected",
"version": "16",
"versionType": "custom"
},
{
"lessThan": "17.2",
"status": "affected",
"version": "17",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7265",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:13:17.569299Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T14:37:20.227Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EZD RP",
"vendor": "Naukowa i Akademicka Sie\u0107 Komputerowa - Pa\u0144stwowy Instytut Badawczy",
"versions": [
{
"lessThan": "15.84",
"status": "affected",
"version": "15",
"versionType": "custom"
},
{
"lessThan": "16.15",
"status": "affected",
"version": "16",
"versionType": "custom"
},
{
"lessThan": "17.2",
"status": "affected",
"version": "17",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jakub P\u0142atek (NASK-PIB)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect User Management vulnerability in Naukowa i Akademicka Sie\u0107 Komputerowa - Pa\u0144stwowy Instytut Badawczy EZD RP allows logged-in user to change the password of any user, including root user, which could lead to privilege escalation.\u0026nbsp;\u003cp\u003eThis issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2.\u003c/p\u003e"
}
],
"value": "Incorrect User Management vulnerability in Naukowa i Akademicka Sie\u0107 Komputerowa - Pa\u0144stwowy Instytut Badawczy EZD RP allows logged-in user to change the password of any user, including root user, which could lead to privilege escalation.\u00a0This issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/R:U/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T08:34:48.839Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2024/08/CVE-2024-7265/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2024/08/CVE-2024-7265/"
},
{
"tags": [
"product"
],
"url": "https://www.gov.pl/web/ezd-rp"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Privilege Escalation in EZD RP",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-7265",
"datePublished": "2024-08-07T10:58:25.223Z",
"dateReserved": "2024-07-30T08:43:01.420Z",
"dateUpdated": "2025-03-17T08:34:48.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7108 (GCVE-0-2024-7108)
Vulnerability from cvelistv5 – Published: 2024-09-26 12:07 – Updated: 2026-06-03 11:35- CWE-863 - Incorrect Authorization
| URL | Tags |
|---|---|
| https://www.usom.gov.tr/bildirim/tr-24-1549 | government-resourcebroken-link |
| https://siberguvenlik.gov.tr/guvenlik-bildirimler… | government-resource |
| Vendor | Product | Version | |
|---|---|---|---|
| National Keep Cyber Security Services | CyberMath |
Affected:
0 , < CYBM.240816253
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7108",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T12:58:49.634699Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T12:58:59.616Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CyberMath",
"vendor": "National Keep Cyber Security Services",
"versions": [
{
"lessThan": "CYBM.240816253",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Serhat YAPICI"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows Accessing Functionality Not Properly Constrained by ACLs.\u003cp\u003eThis issue affects CyberMath: before CYBM.240816253.\u003c/p\u003e"
}
],
"value": "Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows Accessing Functionality Not Properly Constrained by ACLs.\n\nThis issue affects CyberMath: before CYBM.240816253."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T11:35:31.654Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"government-resource",
"broken-link"
],
"url": "https://www.usom.gov.tr/bildirim/tr-24-1549"
},
{
"tags": [
"government-resource"
],
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1549"
}
],
"source": {
"advisory": "TR-24-1549",
"defect": [
"TR-24-1549"
],
"discovery": "UNKNOWN"
},
"title": "Incorrect Authorization in National Keep\u0027s CyberMath",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2024-7108",
"datePublished": "2024-09-26T12:07:13.201Z",
"dateReserved": "2024-07-25T13:07:52.833Z",
"dateUpdated": "2026-06-03T11:35:31.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation MIT-4.4
Strategy: Libraries or Frameworks
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
No CAPEC attack patterns related to this CWE.