CWE-841
AllowedImproper Enforcement of Behavioral Workflow
Abstraction: Class · Status: Incomplete
The product supports a session in which more than one behavior must be performed by an actor, but it does not properly ensure that the actor performs the behaviors in the required sequence.
87 vulnerabilities reference this CWE, most recent first.
GHSA-8XGV-33F9-23FM
Vulnerability from github – Published: 2025-10-14 18:30 – Updated: 2025-10-14 18:30Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
{
"affected": [],
"aliases": [
"CVE-2025-55330"
],
"database_specific": {
"cwe_ids": [
"CWE-841"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-14T17:15:45Z",
"severity": "MODERATE"
},
"details": "Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.",
"id": "GHSA-8xgv-33f9-23fm",
"modified": "2025-10-14T18:30:30Z",
"published": "2025-10-14T18:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55330"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55330"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-96FR-RV8Q-2885
Vulnerability from github – Published: 2025-12-01 15:30 – Updated: 2026-06-04 09:30Improper Enforcement of Behavioral Workflow vulnerability in Seneka Software Hardware Information Technology Trade Contracting and Industry Ltd. Co. Onaylarım allows Functionality Misuse.This issue affects Onaylarım: from 25.09.26.01 through 18112025.
{
"affected": [],
"aliases": [
"CVE-2025-13129"
],
"database_specific": {
"cwe_ids": [
"CWE-841"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-01T15:15:48Z",
"severity": "LOW"
},
"details": "Improper Enforcement of Behavioral Workflow vulnerability in Seneka Software Hardware Information Technology Trade Contracting and Industry Ltd. Co. Onaylar\u0131m allows Functionality Misuse.This issue affects Onaylar\u0131m: from 25.09.26.01 through 18112025.",
"id": "GHSA-96fr-rv8q-2885",
"modified": "2026-06-04T09:30:33Z",
"published": "2025-12-01T15:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13129"
},
{
"type": "WEB",
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0422"
},
{
"type": "WEB",
"url": "https://www.usom.gov.tr/bildirim/tr-25-0422"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C537-PF3W-23P5
Vulnerability from github – Published: 2024-02-21 09:31 – Updated: 2025-11-04 21:31A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1. A user's private browsing activity may be unexpectedly saved in the App Privacy Report.
{
"affected": [],
"aliases": [
"CVE-2023-42939"
],
"database_specific": {
"cwe_ids": [
"CWE-841"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-21T07:15:50Z",
"severity": "LOW"
},
"details": "A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1. A user\u0027s private browsing activity may be unexpectedly saved in the App Privacy Report.",
"id": "GHSA-c537-pf3w-23p5",
"modified": "2025-11-04T21:31:11Z",
"published": "2024-02-21T09:31:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42939"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213982"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213982"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C7XW-P58W-H6FJ
Vulnerability from github – Published: 2023-07-18 19:12 – Updated: 2023-07-18 19:12Impersonation and lockout are possible due to email trust not being handled correctly in Keycloak. Since the verified state is not reset when the email changes, it is possible for users to shadow others with the same email and lock out or impersonate them.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.keycloak:keycloak-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "22.0.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-0105"
],
"database_specific": {
"cwe_ids": [
"CWE-287",
"CWE-841"
],
"github_reviewed": true,
"github_reviewed_at": "2023-07-18T19:12:28Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "Impersonation and lockout are possible due to email trust not being handled correctly in Keycloak. Since the verified state is not reset when the email changes, it is possible for users to shadow others with the same email and lock out or impersonate them.",
"id": "GHSA-c7xw-p58w-h6fj",
"modified": "2023-07-18T19:12:28Z",
"published": "2023-07-18T19:12:28Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-c7xw-p58w-h6fj"
},
{
"type": "WEB",
"url": "https://github.com/keycloak/keycloak/commit/87a50d3ba790b049e436c9925874f9b418af7988"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2023-0105"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158910"
},
{
"type": "PACKAGE",
"url": "https://github.com/keycloak/keycloak"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
}
],
"summary": "Keycloak: Impersonation and lockout possible through incorrect handling of email trust"
}
GHSA-CXRR-H279-673F
Vulnerability from github – Published: 2024-01-11 00:30 – Updated: 2024-01-17 18:31A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Location data may be shared via iCloud links even if Location metadata is disabled via the Share Sheet.
{
"affected": [],
"aliases": [
"CVE-2022-46710"
],
"database_specific": {
"cwe_ids": [
"CWE-841"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-10T22:15:47Z",
"severity": "MODERATE"
},
"details": "A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Location data may be shared via iCloud links even if Location metadata is disabled via the Share Sheet.",
"id": "GHSA-cxrr-h279-673f",
"modified": "2024-01-17T18:31:35Z",
"published": "2024-01-11T00:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46710"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213530"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213532"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-F99X-GWVM-JPFM
Vulnerability from github – Published: 2025-10-14 18:30 – Updated: 2025-10-14 18:30Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
{
"affected": [],
"aliases": [
"CVE-2025-55337"
],
"database_specific": {
"cwe_ids": [
"CWE-841"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-14T17:15:47Z",
"severity": "MODERATE"
},
"details": "Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.",
"id": "GHSA-f99x-gwvm-jpfm",
"modified": "2025-10-14T18:30:30Z",
"published": "2025-10-14T18:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55337"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55337"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-FGQP-CJ3R-63FM
Vulnerability from github – Published: 2025-10-14 18:30 – Updated: 2025-10-14 18:30Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
{
"affected": [],
"aliases": [
"CVE-2025-55682"
],
"database_specific": {
"cwe_ids": [
"CWE-841"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-14T17:15:48Z",
"severity": "MODERATE"
},
"details": "Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.",
"id": "GHSA-fgqp-cj3r-63fm",
"modified": "2025-10-14T18:30:31Z",
"published": "2025-10-14T18:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55682"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55682"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-FJJX-Q8WJ-9P75
Vulnerability from github – Published: 2022-06-25 00:00 – Updated: 2022-07-07 00:00Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web server root level access allows for changing of safety critical parameters.
{
"affected": [],
"aliases": [
"CVE-2022-2105"
],
"database_specific": {
"cwe_ids": [
"CWE-841"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-24T15:15:00Z",
"severity": "CRITICAL"
},
"details": "Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a \u201croot\u201d user level meant only for the vendor. Web server root level access allows for changing of safety critical parameters.",
"id": "GHSA-fjjx-q8wj-9p75",
"modified": "2022-07-07T00:00:27Z",
"published": "2022-06-25T00:00:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2105"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-03"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G886-73CF-92QR
Vulnerability from github – Published: 2026-03-16 15:30 – Updated: 2026-03-16 15:30IBM Aspera Console 3.3.0 through 3.4.8 could allow a privileged user to cause a denial of service due to improper enforcement of behavioral workflow.
{
"affected": [],
"aliases": [
"CVE-2025-13459"
],
"database_specific": {
"cwe_ids": [
"CWE-841"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-16T14:17:54Z",
"severity": "LOW"
},
"details": "IBM Aspera Console 3.3.0 through 3.4.8 could allow a privileged user to cause a denial of service due to improper enforcement of behavioral workflow.",
"id": "GHSA-g886-73cf-92qr",
"modified": "2026-03-16T15:30:41Z",
"published": "2026-03-16T15:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13459"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7263486"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-J72M-JWMC-PQV8
Vulnerability from github – Published: 2023-05-03 12:30 – Updated: 2024-04-04 03:47An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible.
This issue affects:
Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3.
{
"affected": [],
"aliases": [
"CVE-2023-1383"
],
"database_specific": {
"cwe_ids": [
"CWE-841"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-03T12:16:44Z",
"severity": "MODERATE"
},
"details": "An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible.\n\nThis issue affects:\n\nAmazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. \nInsignia TV with FireOS versions prior to 7.6.3.3.",
"id": "GHSA-j72m-jwmc-pqv8",
"modified": "2024-04-04T03:47:11Z",
"published": "2023-05-03T12:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1383"
},
{
"type": "WEB",
"url": "https://www.bitdefender.com/blog/labs/vulnerabilities-identified-amazon-fire-tv-stick-insignia-fire-os-tv-series"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.