Common Weakness Enumeration

CWE-286

Allowed-with-Review

Incorrect User Management

Abstraction: Class · Status: Incomplete

The product does not properly manage a user within its environment.

58 vulnerabilities reference this CWE, most recent first.

GHSA-8FMW-7MXC-55JQ

Vulnerability from github – Published: 2024-01-11 15:30 – Updated: 2024-01-22 21:31
VLAI
Details

ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can occur.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-51750"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-286"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-11T14:15:44Z",
    "severity": "MODERATE"
  },
  "details": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can occur.",
  "id": "GHSA-8fmw-7mxc-55jq",
  "modified": "2024-01-22T21:31:06Z",
  "published": "2024-01-11T15:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51750"
    },
    {
      "type": "WEB",
      "url": "https://help.scalefusion.com/docs/security-advisory-for-windows-mdm-agent"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/nestedif/vulnerability-disclosure-kiosk-mode-bypass-scalefusion-4752dfa2dc59"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9474-6FXF-WJJ8

Vulnerability from github – Published: 2024-11-19 21:31 – Updated: 2024-11-19 21:31
VLAI
Details

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to perform unauthorized actions that should be reserved to administrator used due to improper access controls.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-52359"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-286"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-19T20:15:31Z",
    "severity": "MODERATE"
  },
  "details": "IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to perform unauthorized actions that should be reserved to administrator used due to improper access controls.",
  "id": "GHSA-9474-6fxf-wjj8",
  "modified": "2024-11-19T21:31:33Z",
  "published": "2024-11-19T21:31:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52359"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7176346"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-94MV-6G8W-JXVX

Vulnerability from github – Published: 2024-06-11 21:32 – Updated: 2024-10-29 15:31
VLAI
Details

A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM  application and server management. If exploited a malicious user could use the passwords and login information to extend access on the server and other services.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-28020"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-286"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-11T19:16:05Z",
    "severity": "HIGH"
  },
  "details": "A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM\u00a0 application and server management. If exploited a malicious user \ncould use the passwords and login information to extend access on \nthe server and other services.",
  "id": "GHSA-94mv-6g8w-jxvx",
  "modified": "2024-10-29T15:31:58Z",
  "published": "2024-06-11T21:32:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28020"
    },
    {
      "type": "WEB",
      "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194\u0026languageCode=en\u0026Preview=true"
    },
    {
      "type": "WEB",
      "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201\u0026languageCode=en\u0026Preview=true"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-974F-9H45-G4V4

Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2026-02-20 21:31
VLAI
Details

Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability.under some specific conditions, this can allow the CompAdmin user to elevate privileges and break out of Compliance mode. This is a critical vulnerability and Dell recommends upgrading at the earliest.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-21553"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-286"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-03T00:15:00Z",
    "severity": "HIGH"
  },
  "details": "Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability.under some specific conditions, this can allow the CompAdmin user to elevate privileges and break out of Compliance mode. This is a critical vulnerability and Dell recommends upgrading at the earliest.",
  "id": "GHSA-974f-9h45-g4v4",
  "modified": "2026-02-20T21:31:13Z",
  "published": "2022-05-24T19:09:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21553"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/000188148"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9WJ2-4HCM-R74J

Vulnerability from github – Published: 2025-10-03 14:52 – Updated: 2025-10-13 15:10
VLAI
Summary
phpMyFAQ duplicate email registration allows multiple accounts with the same email
Details

Summary

phpMyFAQ does not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password resets, notifications, and administrative actions, this flaw can cause account ambiguity and, in certain configurations, may lead to privilege escalation or account takeover.

Details

An account management logic flaw in phpMyFAQ allows attackers to register multiple accounts under the same email address. If email is used for password reset or administrative flows, this may result in account takeover, loss of accountability, and abuse of business logic.

PoC

1.Register a user with email test@example.com 2.Register another user with the same email. 3.Both accounts appear in /admin/?action=user&user_action=listallusers. image

Impact

-Data integrity loss: Multiple accounts mapped to one email break auditability. -Password reset ambiguity: If reset flow relies on email only, attackers can target or take over accounts. -Privilege escalation: If one account with the same email has admin privileges, an attacker controlling the email may escalate. -Spam / DoS: Attackers can mass-register accounts with a single email to pollute the system.

This is a business logic / authentication vulnerability. Impacted users are anyone relying on phpMyFAQ’s account system where email is assumed to be unique.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "thorsten/phpmyfaq"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.7"
            },
            {
              "fixed": "4.0.13"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-59943"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284",
      "CWE-286"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-10-03T14:52:33Z",
    "nvd_published_at": "2025-10-03T21:15:34Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nphpMyFAQ does not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password resets, notifications, and administrative actions, this flaw can cause account ambiguity and, in certain configurations, may lead to privilege escalation or account takeover.\n\n### Details\nAn account management logic flaw in phpMyFAQ allows attackers to register multiple accounts under the same email address. If email is used for password reset or administrative flows, this may result in account takeover, loss of accountability, and abuse of business logic.\n### PoC\n\n1.Register  a user with email test@example.com\n2.Register another user with the same email.\n3.Both accounts appear in /admin/?action=user\u0026user_action=listallusers.\n\u003cimg width=\"1150\" height=\"628\" alt=\"image\" src=\"https://github.com/user-attachments/assets/8c19f01a-e897-4ca7-b3f8-fcf83e6ff952\" /\u003e\n\n### Impact\n\n-Data integrity loss: Multiple accounts mapped to one email break auditability.\n-Password reset ambiguity: If reset flow relies on email only, attackers can target or take over accounts.\n-Privilege escalation: If one account with the same email has admin privileges, an attacker controlling the email may escalate.\n-Spam / DoS: Attackers can mass-register accounts with a single email to pollute the system.\n\nThis is a business logic / authentication vulnerability. Impacted users are anyone relying on phpMyFAQ\u2019s account system where email is assumed to be unique.",
  "id": "GHSA-9wj2-4hcm-r74j",
  "modified": "2025-10-13T15:10:22Z",
  "published": "2025-10-03T14:52:33Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-9wj2-4hcm-r74j"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59943"
    },
    {
      "type": "WEB",
      "url": "https://github.com/thorsten/phpMyFAQ/commit/44cd20f86eb041f39d1c30a9beefad1cc61dc0ec"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/thorsten/phpMyFAQ"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "phpMyFAQ duplicate email registration allows multiple accounts with the same email"
}

GHSA-C9X9-QGXX-CJ62

Vulnerability from github – Published: 2025-05-22 18:31 – Updated: 2025-05-22 18:31
VLAI
Details

An escalation of privilege vulnerability in ASPECT could provide an attacker root access to a server when logged in as a "non" root ASPECT user. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-48853"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-286"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-22T17:15:23Z",
    "severity": "CRITICAL"
  },
  "details": "An escalation of privilege vulnerability in ASPECT could provide an attacker root access to a server when logged in as a \"non\" root ASPECT user.\u00a0This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03.",
  "id": "GHSA-c9x9-qgxx-cj62",
  "modified": "2025-05-22T18:31:15Z",
  "published": "2025-05-22T18:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48853"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A0021\u0026LanguageCode=en\u0026DocumentPartId=pdf\u0026Action=Launch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:C/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-CWRM-9WH5-JQ4M

Vulnerability from github – Published: 2025-04-08 15:31 – Updated: 2025-04-08 15:31
VLAI
Details

An Incorrect User Management vulnerability [CWE-286] in FortiWeb version 7.6.2 and below, version 7.4.6 and below, version 7.2.10 and below, version 7.0.11 and below widgets dashboard may allow an authenticated attacker with at least read-only admin permission to perform operations on the dashboard of other administrators via crafted requests.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-46671"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-286"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-08T14:15:31Z",
    "severity": "MODERATE"
  },
  "details": "An Incorrect User Management vulnerability [CWE-286] in FortiWeb version 7.6.2 and below, version 7.4.6 and below, version 7.2.10 and below, version 7.0.11 and below widgets dashboard may allow an authenticated attacker with at least read-only admin permission to perform operations on the dashboard of other administrators via crafted requests.",
  "id": "GHSA-cwrm-9wh5-jq4m",
  "modified": "2025-04-08T15:31:05Z",
  "published": "2025-04-08T15:31:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46671"
    },
    {
      "type": "WEB",
      "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-184"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GGGJ-FP2X-7WWW

Vulnerability from github – Published: 2021-11-20 00:00 – Updated: 2026-04-02 15:31
VLAI
Details

Philips MRI 1.5T and MRI 3T Version 5.x.x does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-26262"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284",
      "CWE-286"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-19T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Philips MRI 1.5T and MRI 3T Version 5.x.x does not restrict or incorrectly restricts access to a resource from an unauthorized actor.",
  "id": "GHSA-gggj-fp2x-7www",
  "modified": "2026-04-02T15:31:33Z",
  "published": "2021-11-20T00:00:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26262"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsma-21-313-01"
    },
    {
      "type": "WEB",
      "url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-GVG6-GVPX-66F6

Vulnerability from github – Published: 2025-02-05 12:33 – Updated: 2025-02-05 12:33
VLAI
Details

An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which allowed cross project access for Security policy bot.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-6356"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-286"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-05T10:15:22Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which allowed cross project access for Security policy bot.",
  "id": "GHSA-gvg6-gvpx-66f6",
  "modified": "2025-02-05T12:33:06Z",
  "published": "2025-02-05T12:33:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6356"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/2575051"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/469108"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HMRG-Q92X-QW2X

Vulnerability from github – Published: 2023-12-18 00:30 – Updated: 2023-12-18 00:30
VLAI
Details

A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-3907"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-286"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-17T23:15:43Z",
    "severity": "MODERATE"
  },
  "details": "A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner",
  "id": "GHSA-hmrg-q92x-qw2x",
  "modified": "2023-12-18T00:30:23Z",
  "published": "2023-12-18T00:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3907"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/2058934"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/418878"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.