Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

CVEs (1,771)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-44981 2Apache Debian 2Debian Linux Zookeeper Apr 23, 2025 Oct 11, 2023 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled in ZooKeeper (quorum.auth.enableSasl=true), the authorization is done by verifying that th...Show more Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled in ZooKeeper (quorum.auth.enableSasl=true), the authorization is done by verifying that the instance part in SASL authentication ID is listed in zoo.cfg server list. The instance part in SASL auth ID is optional and if it's missing, like 'eve@EXAMPLE.COM', the authorization check will be skipped. As a result an arbitrary endpoint could join the cluster and begin propagating counterfeit changes to the leader, essentially giving it complete read-write access to the data tree. Quorum Peer authentication is not enabled by default. Users are recommended to upgrade to version 3.9.1, 3.8.3, 3.7.2, which fixes the issue. Alternately ensure the ensemble election/quorum communication is protected by a firewall as this will mitigate the issue. See the documentation for more details on correct cluster administration.Show less
CVE-2023-44249 1Fortinet 2Fortianalyzer Fortimanager Nov 21, 2024 Oct 10, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An authorization bypass through user-controlled key [CWE-639] vulnerability in Fortinet FortiManager version 7.4.0 and before 7.2.3 and FortiAnalyzer version 7.4.0 and before 7.2.3 allows a remote attacker with low privi...Show more An authorization bypass through user-controlled key [CWE-639] vulnerability in Fortinet FortiManager version 7.4.0 and before 7.2.3 and FortiAnalyzer version 7.4.0 and before 7.2.3 allows a remote attacker with low privileges to read sensitive information via crafted HTTP requests.Show less
CVE-2023-42455 1Wazuh 2Wazuh Dashboard Wazuh Kibana App Nov 21, 2024 Oct 9, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Wazuh is a security detection, visibility, and compliance open source project. In versions 4.4.0 and 4.4.1, it is possible to get the Wazuh API administrator key used by the Dashboard using the browser development tools....Show more Wazuh is a security detection, visibility, and compliance open source project. In versions 4.4.0 and 4.4.1, it is possible to get the Wazuh API administrator key used by the Dashboard using the browser development tools. This allows a logged user to the dashboard to become administrator of the API, even if their dashboard role is not. Version 4.4.2 contains a fix. There are no known workarounds.Show less
CVE-2023-26237 1Watchguard 4Edr Firmware Epdr FirmwareEpp Firmware+1 more Nov 21, 2024 Oct 5, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM.
CVE-2023-2544 1Upv 1Peix Nov 21, 2024 Oct 3, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Authorization bypass vulnerability in UPV PEIX, affecting the component "pdf_curri_new.php". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other reg...Show more Authorization bypass vulnerability in UPV PEIX, affecting the component "pdf_curri_new.php". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users.Show less
CVE-2023-32669 1Buddyboss 1Buddyboss Nov 21, 2024 Oct 3, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Authorization bypass vulnerability in BuddyBoss 2.2.9 version, the exploitation of which could allow an authenticated user to access and rename other users' albums. This vulnerability can be exploited by changing the alb...Show more Authorization bypass vulnerability in BuddyBoss 2.2.9 version, the exploitation of which could allow an authenticated user to access and rename other users' albums. This vulnerability can be exploited by changing the album identification (id).Show less
CVE-2023-4101 1Qsige 1Qsige Nov 21, 2024 Oct 3, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application.
CVE-2023-4099 1Qsige 1Qsige Nov 21, 2024 Oct 3, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The QSige Monitor application does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application...Show more The QSige Monitor application does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application.Show less
CVE-2023-38872 1Economizzer 1Economizzer Nov 21, 2024 Sep 28, 2023 N/A· v4 3.7 LOW· v3 N/A· v2 An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of any other user, if t...Show more An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of any other user, if they know the Id of the attachment.Show less
CVE-2023-4934 1Usta 1Aybs May 21, 2026 Sep 27, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in Usta AYBS allows Authentication Abuse, Authentication Bypass. This issue affects AYBS: before 1.0.3.
CVE-2023-44206 1Acronis 1Cyber Protect Nov 21, 2024 Sep 27, 2023 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
CVE-2023-44205 1Acronis 1Cyber Protect Nov 21, 2024 Sep 27, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
CVE-2023-44154 1Acronis 1Cyber Protect Nov 21, 2024 Sep 27, 2023 N/A· v4 8.1 HIGH· v3 N/A· v2 Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
CVE-2023-42334 1Fl3xx 2Crew Dispatch Nov 21, 2024 Sep 20, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An Indirect Object Reference (IDOR) in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a remote attacker to escalate privileges via the user parameter.
CVE-2023-4213 1Mikevanwinkle 1Simplr Registration Form Plus+ Apr 8, 2026 Sep 13, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, l...Show more The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with subscriber-level permissions or above to change user passwords and potentially take over administrator accounts.Show less
CVE-2023-41368 1Sap 1S/4 Hana Nov 21, 2024 Sep 12, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The OData service of the S4 HANA (Manage checkbook apps) - versions 102, 103, 104, 105, 106, 107, allows an attacker to change the checkbook name by simulating an update OData call.
CVE-2020-10130 1Searchblox 1Searchblox Nov 21, 2024 Sep 6, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 SearchBlox before Version 9.1 is vulnerable to business logic bypass where the user is able to create multiple super admin users in the system.
CVE-2023-4587 1Zkteco 1Zem800 Firmware Nov 21, 2024 Sep 4, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An IDOR vulnerability has been found in ZKTeco ZEM800 product affecting version 6.60. This vulnerability allows a local attacker to obtain registered user backup files or device configuration files over a local network o...Show more An IDOR vulnerability has been found in ZKTeco ZEM800 product affecting version 6.60. This vulnerability allows a local attacker to obtain registered user backup files or device configuration files over a local network or through a VPN server.Show less
CVE-2023-2173 1Badgeos 1Badgeos Apr 8, 2026 Aug 31, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The BadgeOS plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.7.1.6. This is due to improper validation and authorization checks within the badgeos_delete_step_aja...Show more The BadgeOS plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.7.1.6. This is due to improper validation and authorization checks within the badgeos_delete_step_ajax_handler, badgeos_delete_award_step_ajax_handler, badgeos_delete_deduct_step_ajax_handler, and badgeos_delete_rank_req_step_ajax_handler functions. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete arbitrary posts.Show less
CVE-2023-2172 1Badgeos 1Badgeos Apr 8, 2026 Aug 31, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The BadgeOS plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.7.1.6. This is due to improper validation and authorization checks within the badgeos_update_steps_aj...Show more The BadgeOS plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.7.1.6. This is due to improper validation and authorization checks within the badgeos_update_steps_ajax_handler, badgeos_update_award_steps_ajax_handler, badgeos_update_deduct_steps_ajax_handler, and badgeos_update_ranks_req_steps_ajax_handler functions. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to overwrite arbitrary post titles.Show less

Previous 1...676869...89 Next