Common Weakness Enumeration

CWE-863

Allowed-with-Review

Incorrect Authorization

Abstraction: Class · Status: Incomplete

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

5541 vulnerabilities reference this CWE, most recent first.

GHSA-P89V-94G7-8VXF

Vulnerability from github – Published: 2026-03-24 06:31 – Updated: 2026-03-24 06:31
VLAI
Details

Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to perform certain administrative functions, thereby escalating privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-4639"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-24T05:16:25Z",
    "severity": "HIGH"
  },
  "details": "Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to perform certain administrative functions, thereby escalating privileges.",
  "id": "GHSA-p89v-94g7-8vxf",
  "modified": "2026-03-24T06:31:14Z",
  "published": "2026-03-24T06:31:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4639"
    },
    {
      "type": "WEB",
      "url": "https://www.twcert.org.tw/en/cp-139-10795-25784-2.html"
    },
    {
      "type": "WEB",
      "url": "https://www.twcert.org.tw/tw/cp-132-10794-704a2-1.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-P8F7-22GQ-M7J9

Vulnerability from github – Published: 2022-10-17 12:00 – Updated: 2024-04-10 18:37
VLAI
Summary
Phoenix before 1.6.14 mishandles check_origin wildcarding
Details

socket/transport.ex in Phoenix before 1.6.14 mishandles check_origin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF token.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Hex",
        "name": "phoenix"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.6.14"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-42975"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-346",
      "CWE-863"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-10-18T18:01:44Z",
    "nvd_published_at": "2022-10-17T06:15:00Z",
    "severity": "HIGH"
  },
  "details": "socket/transport.ex in Phoenix before 1.6.14 mishandles check_origin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF token.",
  "id": "GHSA-p8f7-22gq-m7j9",
  "modified": "2024-04-10T18:37:53Z",
  "published": "2022-10-17T12:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42975"
    },
    {
      "type": "WEB",
      "url": "https://github.com/phoenixframework/phoenix/commit/6e7185b33a59e0b1d1c0b4223adf340a73e963ae"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/phoenixframework/phoenix"
    },
    {
      "type": "WEB",
      "url": "https://hexdocs.pm/phoenix/1.6.14/changelog.html#1-6-14-2022-10-10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Phoenix before 1.6.14 mishandles check_origin wildcarding"
}

GHSA-P8RP-XFQ6-8F8M

Vulnerability from github – Published: 2026-03-03 18:31 – Updated: 2026-03-06 00:31
VLAI
Details

An improper authorization vulnerability in GitHub Trigger Comment Control in Google Cloud Build prior to 2026-1-26 allows a remote attacker to execute arbitrary code in the build environment.

This vulnerability was patched on 26 January 2026, and no customer action is needed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-3136"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-03T17:16:19Z",
    "severity": "HIGH"
  },
  "details": "An improper authorization\u00a0vulnerability in GitHub Trigger Comment Control\u00a0in Google\u00a0Cloud Build\u00a0prior to 2026-1-26\u00a0allows a remote attacker\u00a0to execute arbitrary code in the build environment.\n\nThis vulnerability was patched on 26 January 2026, and no customer action is needed.",
  "id": "GHSA-p8rp-xfq6-8f8m",
  "modified": "2026-03-06T00:31:29Z",
  "published": "2026-03-03T18:31:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3136"
    },
    {
      "type": "WEB",
      "url": "https://docs.cloud.google.com/build/docs/release-notes#March_03_2026"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-P953-2G5P-33C5

Vulnerability from github – Published: 2026-05-13 00:48 – Updated: 2026-05-13 00:48
VLAI
Details

Heym before 0.0.21 contains an authorization bypass vulnerability in workflow execution that allows authenticated users to execute arbitrary workflows by referencing victim workflow UUIDs without proper access validation. Attackers can create workflows with execute nodes or agent subWorkflowIds pointing to victim workflow UUIDs to load and execute those workflows under attacker-controlled execution paths, exposing victim workflow outputs and triggering workflow nodes with unintended side effects.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-45226"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-12T22:16:38Z",
    "severity": "HIGH"
  },
  "details": "Heym before 0.0.21 contains an authorization bypass vulnerability in workflow execution that allows authenticated users to execute arbitrary workflows by referencing victim workflow UUIDs without proper access validation. Attackers can create workflows with execute nodes or agent subWorkflowIds pointing to victim workflow UUIDs to load and execute those workflows under attacker-controlled execution paths, exposing victim workflow outputs and triggering workflow nodes with unintended side effects.",
  "id": "GHSA-p953-2g5p-33c5",
  "modified": "2026-05-13T00:48:14Z",
  "published": "2026-05-13T00:48:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45226"
    },
    {
      "type": "WEB",
      "url": "https://github.com/heymrun/heym/pull/93"
    },
    {
      "type": "WEB",
      "url": "https://github.com/heymrun/heym/commit/3ae3ef6a7d3609da0e910f9ed6b81e99a1661ac8"
    },
    {
      "type": "WEB",
      "url": "https://github.com/heymrun/heym/releases/tag/v0.0.21"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/heym-authorization-bypass-in-workflow-execution"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-P95M-PP4P-P9J3

Vulnerability from github – Published: 2025-08-20 09:30 – Updated: 2025-11-05 15:31
VLAI
Details

MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-9228"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-20T09:15:28Z",
    "severity": "MODERATE"
  },
  "details": "MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, \nallowing low-privilege users to create notes which are intended only for administrative users.",
  "id": "GHSA-p95m-pp4p-p9j3",
  "modified": "2025-11-05T15:31:02Z",
  "published": "2025-08-20T09:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9228"
    },
    {
      "type": "WEB",
      "url": "https://a.storyblok.com/f/230581/x/46f48d3787/msa-15.pdf"
    },
    {
      "type": "WEB",
      "url": "https://mobile-industrial-robots.com/security-advisories/insufficient-authorization-when-creating-notes"
    },
    {
      "type": "WEB",
      "url": "https://supportportal.mobile-industrial-robots.com/documentation/mir-cybersecurity-guide/mir-cybersecurity-guide"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P967-H43J-8P83

Vulnerability from github – Published: 2022-05-24 19:19 – Updated: 2022-07-13 00:01
VLAI
Details

In all versions of GitLab CE/EE since version 13.0, a privileged user, through an API call, can change the visibility level of a group or a project to a restricted option even after the instance administrator sets that visibility option as restricted in settings.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-39903"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-04T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In all versions of GitLab CE/EE since version 13.0, a privileged user, through an API call, can change the visibility level of a group or a project to a restricted option even after the instance administrator sets that visibility option as restricted in settings.",
  "id": "GHSA-p967-h43j-8p83",
  "modified": "2022-07-13T00:01:38Z",
  "published": "2022-05-24T19:19:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39903"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/1086781"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39903.json"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/300017"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P972-2FG6-PW4J

Vulnerability from github – Published: 2024-11-13 21:30 – Updated: 2024-11-26 21:32
VLAI
Details

baltic-it TOPqw Webportal v1.35.283.2 is vulnerable to Incorrect Access Control in the User Management function in /Apps/TOPqw/BenutzerManagement.aspx. This allows a low privileged user to access all modules in the web portal, view and manipulate information and permissions of other users, lock other user or unlock the own account, change the password of other users, create new users or delete existing users and view, manipulate and delete reference data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-45877"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-13T21:15:28Z",
    "severity": "MODERATE"
  },
  "details": "baltic-it TOPqw Webportal v1.35.283.2 is vulnerable to Incorrect Access Control in the User Management function in /Apps/TOPqw/BenutzerManagement.aspx. This allows a low privileged user to access all modules in the web portal, view and manipulate information and permissions of other users, lock other user or unlock the own account, change the password of other users, create new users or delete existing users and view, manipulate and delete reference data.",
  "id": "GHSA-p972-2fg6-pw4j",
  "modified": "2024-11-26T21:32:23Z",
  "published": "2024-11-13T21:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45877"
    },
    {
      "type": "WEB",
      "url": "https://cyber.wtf/2024/11/11/topqw-webportal-cves"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P9CX-F595-H79H

Vulnerability from github – Published: 2024-11-07 15:31 – Updated: 2024-11-07 18:28
VLAI
Summary
Moodle's IDOR in Feedback non-respondents report allows messaging arbitrary site users
Details

A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users returned by the report.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.2.0-beta"
            },
            {
              "fixed": "4.2.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.3.0-beta"
            },
            {
              "fixed": "4.3.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.4.0-beta"
            },
            {
              "fixed": "4.4.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-43438"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-639",
      "CWE-863"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-11-07T18:28:35Z",
    "nvd_published_at": "2024-11-07T14:15:16Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in Feedback. Bulk messaging in the activity\u0027s non-respondents report did not verify message recipients belonging to the set of users returned by the report.",
  "id": "GHSA-p9cx-f595-h79h",
  "modified": "2024-11-07T18:28:35Z",
  "published": "2024-11-07T15:31:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43438"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304267"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/moodle/moodle"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=461208"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Moodle\u0027s IDOR in Feedback non-respondents report allows messaging arbitrary site users"
}

GHSA-P9G6-6PPX-5QRR

Vulnerability from github – Published: 2025-01-31 03:32 – Updated: 2025-06-30 18:31
VLAI
Details

This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Pioneer DMH-WT7600NEX devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.

The specific flaw exists within the telematics functionality. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-23929"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863",
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-31T01:15:09Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Pioneer DMH-WT7600NEX devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the telematics functionality. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root.",
  "id": "GHSA-p9g6-6ppx-5qrr",
  "modified": "2025-06-30T18:31:45Z",
  "published": "2025-01-31T03:32:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23929"
    },
    {
      "type": "WEB",
      "url": "https://jpn.pioneer/ja/car/dl/dmh-sz700_sf700"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1044"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P9GV-JGW3-97Q9

Vulnerability from github – Published: 2023-09-14 09:30 – Updated: 2024-04-04 07:40
VLAI
Details

A Privilege escalation vulnerability exists in Trellix Windows DLP endpoint for windows which can be abused to delete any file/folder for which the user does not have permission to.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-4814"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250",
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-14T07:15:41Z",
    "severity": "HIGH"
  },
  "details": "\nA Privilege escalation vulnerability exists in Trellix Windows DLP endpoint for windows which can be abused to delete any file/folder for which the user does not have permission to.\n\n",
  "id": "GHSA-p9gv-jgw3-97q9",
  "modified": "2024-04-04T07:40:02Z",
  "published": "2023-09-14T09:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4814"
    },
    {
      "type": "WEB",
      "url": "https://kcm.trellix.com/corporate/index?page=content\u0026id=SB10407"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design
  • Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
  • Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Architecture and Design

Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].

Mitigation MIT-4.4
Architecture and Design

Strategy: Libraries or Frameworks

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
Architecture and Design
  • For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
  • One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
System Configuration Installation

Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.

No CAPEC attack patterns related to this CWE.