CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1251 vulnerabilities reference this CWE, most recent first.
GHSA-RGFX-7P65-3FF4
Vulnerability from github – Published: 2025-02-04 12:30 – Updated: 2025-02-18 22:31In Apache Cassandra it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorized operations.
This is same vulnerability that CVE-2020-13946 was issued for, but the Java option was changed in JDK10.
This issue affects Apache Cassandra from 4.0.2 through 5.0.2 running Java 11.
Operators are recommended to upgrade to a release equal to or later than 4.0.15, 4.1.8, or 5.0.3 which fixes the issue.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.cassandra:cassandra-all"
},
"ranges": [
{
"events": [
{
"introduced": "5.0-beta1"
},
{
"fixed": "5.0.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.cassandra:cassandra-all"
},
"ranges": [
{
"events": [
{
"introduced": "4.1.0"
},
{
"fixed": "4.1.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.cassandra:cassandra-all"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.2"
},
{
"fixed": "4.0.15"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-27137"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2025-02-04T18:39:25Z",
"nvd_published_at": "2025-02-04T11:15:08Z",
"severity": "MODERATE"
},
"details": "In Apache Cassandra it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorized operations.\n\nThis is same vulnerability that CVE-2020-13946 was issued for, but the Java option was changed in JDK10.\n\nThis issue affects Apache Cassandra from 4.0.2 through 5.0.2 running Java 11.\n\nOperators are recommended to upgrade to a release equal to or later than 4.0.15, 4.1.8, or 5.0.3 which fixes the issue.",
"id": "GHSA-rgfx-7p65-3ff4",
"modified": "2025-02-18T22:31:37Z",
"published": "2025-02-04T12:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27137"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/cassandra"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/jsk87d9yv8r204mgqpz1qxtp5wcrpysm"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20250214-0004"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Apache Cassandra: unrestricted deserialization of JMX authentication credentials"
}
GHSA-RGP2-M7FC-79R8
Vulnerability from github – Published: 2022-01-02 00:00 – Updated: 2023-08-08 15:31An issue was discovered in BS_RCIO64.sys in Biostar RACING GT Evo 2.1.1905.1700. A low-integrity process can open the driver's device object and issue IOCTLs to read or write to arbitrary physical memory locations (or call an arbitrary address), leading to execution of arbitrary code. This is associated with 0x226040, 0x226044, and 0x226000.
{
"affected": [],
"aliases": [
"CVE-2021-44852"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-01T06:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in BS_RCIO64.sys in Biostar RACING GT Evo 2.1.1905.1700. A low-integrity process can open the driver\u0027s device object and issue IOCTLs to read or write to arbitrary physical memory locations (or call an arbitrary address), leading to execution of arbitrary code. This is associated with 0x226040, 0x226044, and 0x226000.",
"id": "GHSA-rgp2-m7fc-79r8",
"modified": "2023-08-08T15:31:29Z",
"published": "2022-01-02T00:00:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44852"
},
{
"type": "WEB",
"url": "https://nephosec.com/biostar-exploit"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RHRH-2GJF-7XQF
Vulnerability from github – Published: 2022-05-24 19:06 – Updated: 2022-05-24 19:06A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox < 88.
{
"affected": [],
"aliases": [
"CVE-2021-24001"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-24T14:15:00Z",
"severity": "MODERATE"
},
"details": "A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox \u003c 88.",
"id": "GHSA-rhrh-2gjf-7xqf",
"modified": "2022-05-24T19:06:10Z",
"published": "2022-05-24T19:06:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-24001"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1694727"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2021-16"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-RJ48-QJ2X-783M
Vulnerability from github – Published: 2023-02-15 15:30 – Updated: 2023-02-24 18:30AMI MegaRAC SPX devices allow User Enumeration through Redfish. The fixed versions are SPx12-update-7.00 and SPx13-update-5.00.
{
"affected": [],
"aliases": [
"CVE-2023-25192"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-02-15T15:15:00Z",
"severity": "MODERATE"
},
"details": "AMI MegaRAC SPX devices allow User Enumeration through Redfish. The fixed versions are SPx12-update-7.00 and SPx13-update-5.00.",
"id": "GHSA-rj48-qj2x-783m",
"modified": "2023-02-24T18:30:27Z",
"published": "2023-02-15T15:30:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25192"
},
{
"type": "WEB",
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023002.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RJWW-2X8V-M9V9
Vulnerability from github – Published: 2021-04-19 14:52 – Updated: 2022-09-21 19:31Insecure configuration of default ObjectMapper in com.vaadin:flow-server versions 3.0.0 through 3.0.5 (Vaadin 15.0.0 through 15.0.4) may expose sensitive data if the application also uses e.g. @RestController
- https://vaadin.com/security/cve-2020-36319
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.vaadin:flow-server"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"fixed": "3.0.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-36319"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2021-04-16T23:16:31Z",
"nvd_published_at": "2021-04-23T16:15:00Z",
"severity": "LOW"
},
"details": "Insecure configuration of default `ObjectMapper` in `com.vaadin:flow-server` versions 3.0.0 through 3.0.5 (Vaadin 15.0.0 through 15.0.4) may expose sensitive data if the application also uses e.g. `@RestController`\n\n- https://vaadin.com/security/cve-2020-36319",
"id": "GHSA-rjww-2x8v-m9v9",
"modified": "2022-09-21T19:31:15Z",
"published": "2021-04-19T14:52:14Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/vaadin/flow/security/advisories/GHSA-rjww-2x8v-m9v9"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36319"
},
{
"type": "WEB",
"url": "https://github.com/vaadin/flow/pull/8016"
},
{
"type": "WEB",
"url": "https://github.com/vaadin/flow/pull/8051"
},
{
"type": "PACKAGE",
"url": "https://github.com/vaadin/flow"
},
{
"type": "WEB",
"url": "https://vaadin.com/security/cve-2020-36319"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Potential sensitive data exposure in applications using Vaadin 15"
}
GHSA-RJXF-4M2W-4CQQ
Vulnerability from github – Published: 2023-09-18 21:30 – Updated: 2024-04-04 07:43An information leak in THE_B_members card v13.6.1 allows attackers to obtain the channel access token and send crafted messages.
{
"affected": [],
"aliases": [
"CVE-2023-39058"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-18T21:15:55Z",
"severity": "MODERATE"
},
"details": "An information leak in THE_B_members card v13.6.1 allows attackers to obtain the channel access token and send crafted messages.",
"id": "GHSA-rjxf-4m2w-4cqq",
"modified": "2024-04-04T07:43:28Z",
"published": "2023-09-18T21:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39058"
},
{
"type": "WEB",
"url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39058.md"
},
{
"type": "WEB",
"url": "http://thebmembers.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RMC2-G977-JR5R
Vulnerability from github – Published: 2022-05-24 17:08 – Updated: 2022-05-24 17:08An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.
{
"affected": [],
"aliases": [
"CVE-2020-8449"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-02-04T20:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.",
"id": "GHSA-rmc2-g977-jr5r",
"modified": "2022-05-24T17:08:00Z",
"published": "2022-05-24T17:08:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8449"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G6W2IQ7QV2OGREFFUBNVZIDD3RJBDE4R"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSU6SPANL27AGK5PCGBJOKG4LUWA555J"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202003-34"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210304-0002"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4289-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4682"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00012.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00010.html"
},
{
"type": "WEB",
"url": "http://www.squid-cache.org/Advisories/SQUID-2020_1.txt"
},
{
"type": "WEB",
"url": "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2020_1.patch"
},
{
"type": "WEB",
"url": "http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-8e657e835965c3a011375feaa0359921c5b3e2dd.patch"
},
{
"type": "WEB",
"url": "http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_1.patch"
},
{
"type": "WEB",
"url": "http://www.squid-cache.org/Versions/v4/changesets/squid-4-b3a0719affab099c684f1cd62b79ab02816fa962.patch"
},
{
"type": "WEB",
"url": "http://www.squid-cache.org/Versions/v4/changesets/squid-4-d8e4715992d0e530871519549add5519cbac0598.patch"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-RP69-VV8V-JVMW
Vulnerability from github – Published: 2023-10-11 12:30 – Updated: 2024-04-04 08:33The Bluetooth module has a vulnerability in permission control for broadcast notifications.Successful exploitation of this vulnerability may affect confidentiality.
{
"affected": [],
"aliases": [
"CVE-2023-44101"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-11T12:15:11Z",
"severity": "HIGH"
},
"details": "The Bluetooth module has a vulnerability in permission control for broadcast notifications.Successful exploitation of this vulnerability may affect confidentiality.",
"id": "GHSA-rp69-vv8v-jvmw",
"modified": "2024-04-04T08:33:43Z",
"published": "2023-10-11T12:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44101"
},
{
"type": "WEB",
"url": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RP88-5VG5-8WX2
Vulnerability from github – Published: 2022-09-20 00:00 – Updated: 2022-09-22 00:00Versions of IBM Spectrum Protect Plus prior to 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM Spectrum Protect Plus. If this generated .crt file is shared, an attacker can obtain the private key information for the uploaded certificate. IBM X-Force ID: 235718.
{
"affected": [],
"aliases": [
"CVE-2022-40234"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-19T18:15:00Z",
"severity": "MODERATE"
},
"details": "Versions of IBM Spectrum Protect Plus prior to 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM Spectrum Protect Plus. If this generated .crt file is shared, an attacker can obtain the private key information for the uploaded certificate. IBM X-Force ID: 235718.",
"id": "GHSA-rp88-5vg5-8wx2",
"modified": "2022-09-22T00:00:26Z",
"published": "2022-09-20T00:00:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40234"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/235718"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6619947"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RPGF-WX3X-J576
Vulnerability from github – Published: 2022-03-26 00:00 – Updated: 2022-03-31 00:00Gradle Enterprise before 2022.1 allows remote code execution if the installation process did not specify an initial configuration file. The configuration allows certain anonymous access to administration and an API.
{
"affected": [],
"aliases": [
"CVE-2022-27919"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-25T20:15:00Z",
"severity": "CRITICAL"
},
"details": "Gradle Enterprise before 2022.1 allows remote code execution if the installation process did not specify an initial configuration file. The configuration allows certain anonymous access to administration and an API.",
"id": "GHSA-rpgf-wx3x-j576",
"modified": "2022-03-31T00:00:33Z",
"published": "2022-03-26T00:00:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27919"
},
{
"type": "WEB",
"url": "https://security.gradle.com/advisory/2022-05"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.