CWE-863
Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
CVE-2023-36826 (GCVE-0-2023-36826)
Vulnerability from cvelistv5 – Published: 2023-07-25 18:50 – Updated: 2024-10-03 19:25
VLAI
Title
Sentry vulnerable to improper authorization on debug and artifact file downloads
Summary
Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a member of the organization or have permissions on the project. A patch was issued in version 23.5.2 to ensure authorization checks are properly scoped on requests to retrieve debug or artifact bundles. Authenticated users who do not have the necessary permissions on the particular project are no longer able to download them. Sentry SaaS users do not need to take any action. Self-Hosted Sentry users should upgrade to version 23.5.2 or higher.
Severity
7.7 (High)
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/getsentry/sentry/security/advi… | x_refsource_CONFIRM |
| https://github.com/getsentry/sentry/pull/49680 | x_refsource_MISC |
| https://github.com/getsentry/sentry/commit/e932b1… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:01:09.754Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/getsentry/sentry/security/advisories/GHSA-m4hc-m2v6-hfw8",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/getsentry/sentry/security/advisories/GHSA-m4hc-m2v6-hfw8"
},
{
"name": "https://github.com/getsentry/sentry/pull/49680",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/getsentry/sentry/pull/49680"
},
{
"name": "https://github.com/getsentry/sentry/commit/e932b15435bf36239431eaa3790a6bcfa47046a9",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/getsentry/sentry/commit/e932b15435bf36239431eaa3790a6bcfa47046a9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36826",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:25:05.837092Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T19:25:30.691Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "sentry",
"vendor": "getsentry",
"versions": [
{
"status": "affected",
"version": "\u003e= 8.21.0, \u003c 23.5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a member of the organization or have permissions on the project. A patch was issued in version 23.5.2 to ensure authorization checks are properly scoped on requests to retrieve debug or artifact bundles. Authenticated users who do not have the necessary permissions on the particular project are no longer able to download them. Sentry SaaS users do not need to take any action. Self-Hosted Sentry users should upgrade to version 23.5.2 or higher."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-25T18:50:42.350Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/getsentry/sentry/security/advisories/GHSA-m4hc-m2v6-hfw8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/getsentry/sentry/security/advisories/GHSA-m4hc-m2v6-hfw8"
},
{
"name": "https://github.com/getsentry/sentry/pull/49680",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/getsentry/sentry/pull/49680"
},
{
"name": "https://github.com/getsentry/sentry/commit/e932b15435bf36239431eaa3790a6bcfa47046a9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/getsentry/sentry/commit/e932b15435bf36239431eaa3790a6bcfa47046a9"
}
],
"source": {
"advisory": "GHSA-m4hc-m2v6-hfw8",
"discovery": "UNKNOWN"
},
"title": "Sentry vulnerable to improper authorization on debug and artifact file downloads"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-36826",
"datePublished": "2023-07-25T18:50:42.350Z",
"dateReserved": "2023-06-27T15:43:18.388Z",
"dateUpdated": "2024-10-03T19:25:30.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-36829 (GCVE-0-2023-36829)
Vulnerability from cvelistv5 – Published: 2023-07-06 22:08 – Updated: 2024-11-06 16:44
VLAI
Title
Sentry CORS misconfiguration vulnerability
Summary
Sentry is an error tracking and performance monitoring platform. Starting in version 23.6.0 and prior to version 23.6.2, the Sentry API incorrectly returns the `access-control-allow-credentials: true` HTTP header if the `Origin` request header ends with the `system.base-hostname` option of Sentry installation. This only affects installations that have `system.base-hostname` option explicitly set, as it is empty by default. Impact is limited since recent versions of major browsers have cross-site cookie blocking enabled by default. However, this flaw could allow other multi-step attacks. The patch has been released in Sentry 23.6.2.
Severity
6.8 (Medium)
CWE
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/getsentry/sentry/security/advi… | x_refsource_CONFIRM |
| https://github.com/getsentry/sentry/pull/52276 | x_refsource_MISC |
| https://github.com/getsentry/sentry/commit/ee44c6… | x_refsource_MISC |
| https://github.com/getsentry/self-hosted/releases… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:01:09.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/getsentry/sentry/security/advisories/GHSA-4xqm-4p72-87h6",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/getsentry/sentry/security/advisories/GHSA-4xqm-4p72-87h6"
},
{
"name": "https://github.com/getsentry/sentry/pull/52276",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/getsentry/sentry/pull/52276"
},
{
"name": "https://github.com/getsentry/sentry/commit/ee44c6be35e5e464bc40637580f39867898acd8b",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/getsentry/sentry/commit/ee44c6be35e5e464bc40637580f39867898acd8b"
},
{
"name": "https://github.com/getsentry/self-hosted/releases/tag/23.6.2",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/getsentry/self-hosted/releases/tag/23.6.2"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:sentry:sentry:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sentry",
"vendor": "sentry",
"versions": [
{
"lessThan": "23.6.2",
"status": "affected",
"version": "23.6.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36829",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T16:41:56.650447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:44:37.019Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "sentry",
"vendor": "getsentry",
"versions": [
{
"status": "affected",
"version": "\u003e= 23.6.0, \u003c 23.6.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sentry is an error tracking and performance monitoring platform. Starting in version 23.6.0 and prior to version 23.6.2, the Sentry API incorrectly returns the `access-control-allow-credentials: true` HTTP header if the `Origin` request header ends with the `system.base-hostname` option of Sentry installation. This only affects installations that have `system.base-hostname` option explicitly set, as it is empty by default. Impact is limited since recent versions of major browsers have cross-site cookie blocking enabled by default. However, this flaw could allow other multi-step attacks. The patch has been released in Sentry 23.6.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-942",
"description": "CWE-942: Permissive Cross-domain Policy with Untrusted Domains",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-06T22:08:58.922Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/getsentry/sentry/security/advisories/GHSA-4xqm-4p72-87h6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/getsentry/sentry/security/advisories/GHSA-4xqm-4p72-87h6"
},
{
"name": "https://github.com/getsentry/sentry/pull/52276",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/getsentry/sentry/pull/52276"
},
{
"name": "https://github.com/getsentry/sentry/commit/ee44c6be35e5e464bc40637580f39867898acd8b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/getsentry/sentry/commit/ee44c6be35e5e464bc40637580f39867898acd8b"
},
{
"name": "https://github.com/getsentry/self-hosted/releases/tag/23.6.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/getsentry/self-hosted/releases/tag/23.6.2"
}
],
"source": {
"advisory": "GHSA-4xqm-4p72-87h6",
"discovery": "UNKNOWN"
},
"title": "Sentry CORS misconfiguration vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-36829",
"datePublished": "2023-07-06T22:08:58.922Z",
"dateReserved": "2023-06-27T15:43:18.388Z",
"dateUpdated": "2024-11-06T16:44:37.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37491 (GCVE-0-2023-37491)
Vulnerability from cvelistv5 – Published: 2023-08-08 00:46 – Updated: 2024-10-22 19:40
VLAI
Title
Improper Authorization check vulnerability in SAP Message Server
Summary
The ACL (Access Control List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, RNL64UC 7.22, RNL64UC 7.22EXT, RNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22EXT, can be bypassed in certain conditions, which may enable an authenticated malicious user to enter the network of the SAP systems served by the attacked SAP Message server. This may lead to unauthorized read and write of data as well as rendering the system unavailable.
Severity
7.5 (High)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP Message Server |
Affected:
KERNEL 7.22
Affected: KERNEL 7.53 Affected: KERNEL 7.54 Affected: KERNEL 7.77 Affected: RNL64UC 7.22 Affected: RNL64UC 7.22EXT Affected: RNL64UC 7.53 Affected: KRNL64NUC 7.22 Affected: KRNL64NUC 7.22EXT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:16:30.741Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3344295"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T19:40:10.957192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T19:40:56.499Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP Message Server",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "KERNEL 7.22"
},
{
"status": "affected",
"version": "KERNEL 7.53"
},
{
"status": "affected",
"version": "KERNEL 7.54"
},
{
"status": "affected",
"version": "KERNEL 7.77"
},
{
"status": "affected",
"version": "RNL64UC 7.22"
},
{
"status": "affected",
"version": "RNL64UC 7.22EXT"
},
{
"status": "affected",
"version": "RNL64UC 7.53"
},
{
"status": "affected",
"version": "KRNL64NUC 7.22"
},
{
"status": "affected",
"version": "KRNL64NUC 7.22EXT"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe ACL (Access\u00a0Control\u00a0List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, RNL64UC 7.22, RNL64UC 7.22EXT, RNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22EXT, can be bypassed in certain conditions, which may enable an authenticated malicious user to enter the network of the SAP systems served by the attacked SAP Message server. This may lead to unauthorized read and write of data as well as rendering the system unavailable.\u003c/p\u003e"
}
],
"value": "The ACL (Access\u00a0Control\u00a0List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, RNL64UC 7.22, RNL64UC 7.22EXT, RNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22EXT, can be bypassed in certain conditions, which may enable an authenticated malicious user to enter the network of the SAP systems served by the attacked SAP Message server. This may lead to unauthorized read and write of data as well as rendering the system unavailable."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-28T22:05:33.015Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3344295"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Authorization check vulnerability in SAP Message Server",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-37491",
"datePublished": "2023-08-08T00:46:40.819Z",
"dateReserved": "2023-07-06T14:57:18.510Z",
"dateUpdated": "2024-10-22T19:40:56.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37492 (GCVE-0-2023-37492)
Vulnerability from cvelistv5 – Published: 2023-08-08 00:47 – Updated: 2024-10-08 16:26
VLAI
Title
Missing Authorization check in SAP NetWeaver AS ABAP and ABAP Platform
Summary
SAP NetWeaver Application Server ABAP and ABAP Platform - versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 793, SAP_BASIS 804, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read sensitive information which can be used in a subsequent serious attack.
Severity
4.9 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP NetWeaver AS ABAP and ABAP Platform |
Affected:
SAP_BASIS 700
Affected: SAP_BASIS 701 Affected: SAP_BASIS 702 Affected: SAP_BASIS 731 Affected: SAP_BASIS 740 Affected: SAP_BASIS 750 Affected: SAP_BASIS 752 Affected: SAP_BASIS 753 Affected: SAP_BASIS 754 Affected: SAP_BASIS 755 Affected: SAP_BASIS 756 Affected: SAP_BASIS 757 Affected: SAP_BASIS 758 Affected: SAP_BASIS 793 Affected: SAP_BASIS 804 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:16:30.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3348000"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37492",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T16:24:07.282612Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T16:26:09.133Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver AS ABAP and ABAP Platform",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_BASIS 700"
},
{
"status": "affected",
"version": "SAP_BASIS 701"
},
{
"status": "affected",
"version": "SAP_BASIS 702"
},
{
"status": "affected",
"version": "SAP_BASIS 731"
},
{
"status": "affected",
"version": "SAP_BASIS 740"
},
{
"status": "affected",
"version": "SAP_BASIS 750"
},
{
"status": "affected",
"version": "SAP_BASIS 752"
},
{
"status": "affected",
"version": "SAP_BASIS 753"
},
{
"status": "affected",
"version": "SAP_BASIS 754"
},
{
"status": "affected",
"version": "SAP_BASIS 755"
},
{
"status": "affected",
"version": "SAP_BASIS 756"
},
{
"status": "affected",
"version": "SAP_BASIS 757"
},
{
"status": "affected",
"version": "SAP_BASIS 758"
},
{
"status": "affected",
"version": "SAP_BASIS 793"
},
{
"status": "affected",
"version": "SAP_BASIS 804"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP NetWeaver Application Server ABAP and ABAP Platform - versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 793, SAP_BASIS 804, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read sensitive information which can be used in a subsequent serious attack.\u003c/p\u003e"
}
],
"value": "SAP NetWeaver Application Server ABAP and ABAP Platform - versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 793, SAP_BASIS 804, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read sensitive information which can be used in a subsequent serious attack."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-28T22:06:21.084Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3348000"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authorization check in SAP NetWeaver AS ABAP and ABAP Platform",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-37492",
"datePublished": "2023-08-08T00:47:40.255Z",
"dateReserved": "2023-07-06T14:57:18.511Z",
"dateUpdated": "2024-10-08T16:26:09.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37579 (GCVE-0-2023-37579)
Vulnerability from cvelistv5 – Published: 2023-07-12 09:05 – Updated: 2024-10-08 13:35
VLAI
Title
Apache Pulsar Function Worker: Incorrect Authorization for Function Worker Can Leak Sink/Source Credentials
Summary
Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Function Worker.
This issue affects Apache Pulsar: before 2.10.4, and 2.11.0.
Any authenticated user can retrieve a source's configuration or a sink's configuration without authorization. Many sources and sinks contain credentials in the configuration, which could lead to leaked credentials. This vulnerability is mitigated by the fact that there is not a known way for an authenticated user to enumerate another tenant's sources or sinks, meaning the source or sink name would need to be guessed in order to exploit this vulnerability.
The recommended mitigation for impacted users is to upgrade the Pulsar Function Worker to a patched version.
2.10 Pulsar Function Worker users should upgrade to at least 2.10.4.
2.11 Pulsar Function Worker users should upgrade to at least 2.11.1.
3.0 Pulsar Function Worker users are unaffected.
Any users running the Pulsar Function Worker for 2.9.* and earlier should upgrade to one of the above patched versions.
Severity
8.2 (High)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/0dmn3cb5n2p08o3cp… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Pulsar Function Worker |
Affected:
0 , < 2.10.4
(semver)
Affected: 2.11.0 |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:16:30.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/0dmn3cb5n2p08o3cpj3ycfhzfqs2ppwz"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pulsar",
"vendor": "apache",
"versions": [
{
"lessThan": "2.10.4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "affected",
"version": "2.11.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37579",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T13:34:09.643587Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T13:35:12.605Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Pulsar Function Worker",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "2.10.4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "affected",
"version": "2.11.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Marshall of DataStax"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Function Worker.\u003cbr\u003e\u003cbr\u003eThis issue affects Apache Pulsar: before 2.10.4, and 2.11.0.\u003cbr\u003e\u003cbr\u003eAny authenticated user can retrieve a source\u0027s configuration or a sink\u0027s configuration without authorization. Many sources and sinks contain credentials in the configuration, which could lead to leaked credentials. This vulnerability is mitigated by the fact that there is not a known way for an authenticated user to enumerate another tenant\u0027s sources or sinks, meaning the source or sink name would need to be guessed in order to exploit this vulnerability.\u003cbr\u003e\u003cbr\u003eThe recommended mitigation for impacted users is to upgrade the Pulsar Function Worker to a patched version.\u003cbr\u003e\u003cbr\u003e2.10 Pulsar Function Worker users should upgrade to at least 2.10.4.\u003cbr\u003e2.11 Pulsar Function Worker users should upgrade to at least 2.11.1.\u003cbr\u003e3.0 Pulsar Function Worker users are unaffected.\u003cbr\u003eAny users running the Pulsar Function Worker for 2.9.* and earlier should upgrade to one of the above patched versions.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Function Worker.\n\nThis issue affects Apache Pulsar: before 2.10.4, and 2.11.0.\n\nAny authenticated user can retrieve a source\u0027s configuration or a sink\u0027s configuration without authorization. Many sources and sinks contain credentials in the configuration, which could lead to leaked credentials. This vulnerability is mitigated by the fact that there is not a known way for an authenticated user to enumerate another tenant\u0027s sources or sinks, meaning the source or sink name would need to be guessed in order to exploit this vulnerability.\n\nThe recommended mitigation for impacted users is to upgrade the Pulsar Function Worker to a patched version.\n\n2.10 Pulsar Function Worker users should upgrade to at least 2.10.4.\n2.11 Pulsar Function Worker users should upgrade to at least 2.11.1.\n3.0 Pulsar Function Worker users are unaffected.\nAny users running the Pulsar Function Worker for 2.9.* and earlier should upgrade to one of the above patched versions.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-12T09:05:24.408Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/0dmn3cb5n2p08o3cpj3ycfhzfqs2ppwz"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Apache Pulsar Function Worker: Incorrect Authorization for Function Worker Can Leak Sink/Source Credentials",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-37579",
"datePublished": "2023-07-12T09:05:24.408Z",
"dateReserved": "2023-07-07T21:58:25.770Z",
"dateUpdated": "2024-10-08T13:35:12.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37881 (GCVE-0-2023-37881)
Vulnerability from cvelistv5 – Published: 2023-09-12 08:14 – Updated: 2024-09-25 15:24
VLAI
Title
Weak Access Control between Domains in Wing FTP Server <= 7.2.0
Summary
Weak access control in Wing FTP Server (Admin Web Client) allows for privilege escalation.This issue affects Wing FTP Server: <= 7.2.0.
Severity
4.9 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Wing FTP Server | Wing FTP Server |
Affected:
<= 7.2.0
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wftpserver.com/serverhistory.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37881",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:02:16.143074Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:24:43.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Wing FTP Server",
"vendor": "Wing FTP Server",
"versions": [
{
"status": "affected",
"version": "\u003c= 7.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Thomas Felder"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Weak access control in Wing FTP Server (Admin Web Client) allows for privilege escalation.\u003cp\u003eThis issue affects Wing FTP Server: \u0026lt;= 7.2.0.\u003c/p\u003e"
}
],
"value": "Weak access control in Wing FTP Server (Admin Web Client) allows for privilege escalation.This issue affects Wing FTP Server: \u003c= 7.2.0.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T08:14:20.704Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"url": "https://www.wftpserver.com/serverhistory.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Weak Access Control between Domains in Wing FTP Server \u003c= 7.2.0",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2023-37881",
"datePublished": "2023-09-12T08:14:20.704Z",
"dateReserved": "2023-07-10T12:59:24.029Z",
"dateUpdated": "2024-09-25T15:24:43.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38209 (GCVE-0-2023-38209)
Vulnerability from cvelistv5 – Published: 2023-08-09 07:41 – Updated: 2025-02-27 21:05
VLAI
Title
Adobe Commerce Incorrect Authorization Security feature bypass
Summary
Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Incorrect Authorization vulnerability that could lead to a Security feature bypass. A low-privileged attacker could leverage this vulnerability to access other user's data. Exploitation of this issue does not require user interaction.
Severity
6.5 (Medium)
CWE
- CWE-863 - Incorrect Authorization (CWE-863)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/magento… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Magento Commerce |
Affected:
0 , ≤ 2.4.4-p4
(semver)
|
Date Public
2023-08-08 17:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb23-42.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38209",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:50:38.774004Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T21:05:58.591Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Magento Commerce",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2.4.4-p4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Incorrect Authorization vulnerability that could lead to a Security feature bypass. A low-privileged attacker could leverage this vulnerability to access other user\u0027s data. Exploitation of this issue does not require user interaction."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "NETWORK",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "LOW",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "NONE",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization (CWE-863)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T07:41:46.279Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb23-42.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Commerce Incorrect Authorization Security feature bypass"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38209",
"datePublished": "2023-08-09T07:41:46.279Z",
"dateReserved": "2023-07-13T16:21:52.612Z",
"dateUpdated": "2025-02-27T21:05:58.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38218 (GCVE-0-2023-38218)
Vulnerability from cvelistv5 – Published: 2023-10-13 06:15 – Updated: 2024-08-02 17:30
VLAI
Title
Incorrect Authorization - Customer account takeover
Summary
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Incorrect Authorization . An authenticated attacker can exploit this to achieve information exposure and privilege escalation.
Severity
8.8 (High)
CWE
- CWE-863 - Incorrect Authorization (CWE-863)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/magento… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Adobe Commerce |
Affected:
0 , ≤ 2.4.7-beta1
(semver)
|
Date Public
2023-10-10 17:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb23-50.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Adobe Commerce",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2.4.7-beta1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Incorrect Authorization . An authenticated attacker can exploit this to achieve information exposure and privilege escalation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "NETWORK",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "LOW",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "NONE",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization (CWE-863)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T10:54:06.399Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb23-50.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Incorrect Authorization - Customer account takeover"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38218",
"datePublished": "2023-10-13T06:15:09.975Z",
"dateReserved": "2023-07-13T16:21:52.613Z",
"dateUpdated": "2024-08-02T17:30:14.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38368 (GCVE-0-2023-38368)
Vulnerability from cvelistv5 – Published: 2024-06-27 18:25 – Updated: 2025-11-03 21:48
VLAI
Title
IBM Security Access Manager Docker information disclosure
Summary
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information to a local user to do improper permission controls. IBM X-Force ID: 261195.
Severity
5.5 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7158790 | vendor-advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Security Access Manager Docker |
Affected:
10.0.0.0 , ≤ 10.0.7.1
(semver)
cpe:2.3:a:ibm:security_verify_access_docker:10.0.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:security_verify_access_docker:10.0.7.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38368",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T20:35:29.363503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-27T20:35:35.900Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:48:57.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/7158790"
},
{
"tags": [
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/261195"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Nov/0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:security_verify_access_docker:10.0.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:security_verify_access_docker:10.0.7.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Security Access Manager Docker",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "10.0.7.1",
"status": "affected",
"version": "10.0.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information to a local user to do improper permission controls. IBM X-Force ID: 261195."
}
],
"value": "IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information to a local user to do improper permission controls. IBM X-Force ID: 261195."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-24T10:48:57.321Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7158790"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/261195"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Security Access Manager Docker information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2023-38368",
"datePublished": "2024-06-27T18:25:39.896Z",
"dateReserved": "2023-07-16T00:53:28.840Z",
"dateUpdated": "2025-11-03T21:48:57.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-38389 (GCVE-0-2023-38389)
Vulnerability from cvelistv5 – Published: 2024-06-21 15:58 – Updated: 2026-04-28 16:08
VLAI
Title
WordPress Jupiter X Core plugin <= 3.3.8 - Unauthenticated Account Takeover vulnerability
Summary
Incorrect Authorization vulnerability in Artbees JupiterX Core allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JupiterX Core: from n/a through 3.3.8.
Severity
9.8 (Critical)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/jup… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Artbees | JupiterX Core |
Affected:
n/a , ≤ 3.3.8
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-24T14:14:04.197540Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T14:14:13.951Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:39:13.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/jupiterx-core/wordpress-jupiter-x-core-plugin-3-3-0-unauthenticated-account-takeover-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "JupiterX Core",
"vendor": "Artbees",
"versions": [
{
"changes": [
{
"at": "3.4.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.3.8",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Rafie Muhammad (Patchstack)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Authorization vulnerability in Artbees JupiterX Core allows Accessing Functionality Not Properly Constrained by ACLs.\u003cp\u003eThis issue affects JupiterX Core: from n/a through 3.3.8.\u003c/p\u003e"
}
],
"value": "Incorrect Authorization vulnerability in Artbees JupiterX Core allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JupiterX Core: from n/a through 3.3.8."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:08:33.865Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/jupiterx-core/wordpress-jupiter-x-core-plugin-3-3-0-unauthenticated-account-takeover-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 3.4.3 or a higher version."
}
],
"value": "Update to 3.4.3 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Jupiter X Core plugin \u003c= 3.3.8 - Unauthenticated Account Takeover vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-38389",
"datePublished": "2024-06-21T15:58:28.347Z",
"dateReserved": "2023-07-17T15:21:38.732Z",
"dateUpdated": "2026-04-28T16:08:33.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Phase: Architecture and Design
Description:
- Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation ID: MIT-4.4
Phase: Architecture and Design
Strategy: Libraries or Frameworks
Description:
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
Phase: Architecture and Design
Description:
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Phases: System Configuration, Installation
Description:
- Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
No CAPEC attack patterns related to this CWE.