Common Weakness Enumeration

CWE-286

Allowed-with-Review

Incorrect User Management

Abstraction: Class · Status: Incomplete

The product does not properly manage a user within its environment.

58 vulnerabilities reference this CWE, most recent first.

CVE-2026-35638 (GCVE-0-2026-35638)

Vulnerability from cvelistv5 – Published: 2026-04-09 21:27 – Updated: 2026-06-23 16:15 X_Open Source
VLAI
Title
OpenClaw < 2026.3.22 - Privilege Escalation via Self-Declared Scopes in Trusted-Proxy Control UI
Summary
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the Control UI that allows unauthenticated sessions to retain self-declared privileged scopes without device identity verification. Attackers can exploit the device-less allow path in the trusted-proxy mechanism to maintain elevated permissions by declaring arbitrary scopes, bypassing device identity requirements.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-286 - Execute unauthorized code or commands
Assigner
Impacted products
Vendor Product Version
OpenClaw OpenClaw Affected: 0 , < 2026.3.22 (semver)
Unaffected: 2026.3.22 (semver)
Create a notification for this product.
Date Public
2026-03-24 00:00
Credits
Nathan (@nexrin) KeenSecurityLab
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-35638",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-10T13:58:09.619152Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-10T13:58:19.688Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageURL": "pkg:npm/openclaw",
          "product": "OpenClaw",
          "vendor": "OpenClaw",
          "versions": [
            {
              "lessThan": "2026.3.22",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "2026.3.22",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*",
                  "versionEndExcluding": "2026.3.22",
                  "vulnerable": true
                }
              ],
              "operator": "OR"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Nathan (@nexrin)"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "KeenSecurityLab"
        }
      ],
      "datePublic": "2026-03-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the Control UI that allows unauthenticated sessions to retain self-declared privileged scopes without device identity verification. Attackers can exploit the device-less allow path in the trusted-proxy mechanism to maintain elevated permissions by declaring arbitrary scopes, bypassing device identity requirements."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-286",
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-23T16:15:58.550Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "name": "GitHub Security Advisory (GHSA-48vw-m3qc-wr99)",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-48vw-m3qc-wr99"
        },
        {
          "name": "Patch Commit #1",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openclaw/openclaw/commit/630f1479c44f78484dfa21bb407cbe6f171dac87"
        },
        {
          "name": "Patch Commit #2",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openclaw/openclaw/commit/ccf16cd8892402022439346ae1d23352e3707e9e"
        },
        {
          "name": "VulnCheck Advisory: OpenClaw \u003c 2026.3.22 - Privilege Escalation via Self-Declared Scopes in Trusted-Proxy Control UI",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-self-declared-scopes-in-trusted-proxy-control-ui"
        }
      ],
      "tags": [
        "x_open-source"
      ],
      "title": "OpenClaw \u003c 2026.3.22 - Privilege Escalation via Self-Declared Scopes in Trusted-Proxy Control UI",
      "x_generator": {
        "engine": "vulncheck"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2026-35638",
    "datePublished": "2026-04-09T21:27:07.349Z",
    "dateReserved": "2026-04-04T12:30:33.463Z",
    "dateUpdated": "2026-06-23T16:15:58.550Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-64725 (GCVE-0-2025-64725)

Vulnerability from cvelistv5 – Published: 2025-12-15 20:21 – Updated: 2025-12-15 20:55
VLAI
Title
Weblate has improper validation upon invitation acceptance
Summary
Weblate is a web based localization tool. In versions prior to 5.15, it was possible to accept an invitation opened by a different user. Version 5.15. contains a patch. As a workaround, avoid leaving one's Weblate sessions with an invitation opened unattended.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-286 - Incorrect User Management
Assigner
Impacted products
Vendor Product Version
WeblateOrg weblate Affected: < 5.15
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-64725",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-15T20:55:31.900035Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-15T20:55:54.124Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "weblate",
          "vendor": "WeblateOrg",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 5.15"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Weblate is a web based localization tool. In versions prior to 5.15, it was possible to accept an invitation opened by a different user. Version 5.15. contains a patch. As a workaround, avoid leaving one\u0027s Weblate sessions with an invitation opened unattended."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 1,
            "baseSeverity": "LOW",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-286",
              "description": "CWE-286: Incorrect User Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-15T20:21:06.867Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/WeblateOrg/weblate/security/advisories/GHSA-m6hq-f4w9-qrjj",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/WeblateOrg/weblate/security/advisories/GHSA-m6hq-f4w9-qrjj"
        },
        {
          "name": "https://github.com/WeblateOrg/weblate/pull/16913",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/WeblateOrg/weblate/pull/16913"
        },
        {
          "name": "https://github.com/WeblateOrg/weblate/commit/02e904675f0608a6bbfbf9466eeccd9d022591e9",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/WeblateOrg/weblate/commit/02e904675f0608a6bbfbf9466eeccd9d022591e9"
        },
        {
          "name": "https://github.com/WeblateOrg/weblate/releases/tag/weblate-5.15",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/WeblateOrg/weblate/releases/tag/weblate-5.15"
        }
      ],
      "source": {
        "advisory": "GHSA-m6hq-f4w9-qrjj",
        "discovery": "UNKNOWN"
      },
      "title": "Weblate has improper validation upon invitation acceptance"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-64725",
    "datePublished": "2025-12-15T20:21:06.867Z",
    "dateReserved": "2025-11-10T14:07:42.923Z",
    "dateUpdated": "2025-12-15T20:55:54.124Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-59943 (GCVE-0-2025-59943)

Vulnerability from cvelistv5 – Published: 2025-10-03 20:06 – Updated: 2025-10-03 20:45
VLAI
Title
phpMyFAQ duplicate email registration allows multiple accounts with the same email
Summary
phpMyFAQ is an open source FAQ web application. Versions 4.0-nightly-2025-10-03 and below do not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password resets, notifications, and administrative actions, this flaw can cause account ambiguity and, in certain configurations, may lead to privilege escalation or account takeover. This issue is fixed in version 4.0.13.
SSVC
Exploitation: poc Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-286 - Incorrect User Management
  • CWE-284 - Improper Access Control
Assigner
References
Impacted products
Vendor Product Version
thorsten phpMyFAQ Affected: >= 4.0.7, < 4.0.13
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59943",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-03T20:23:53.659575Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-03T20:45:27.185Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-9wj2-4hcm-r74j"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "phpMyFAQ",
          "vendor": "thorsten",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 4.0.7, \u003c 4.0.13"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "phpMyFAQ is an open source FAQ web application. Versions 4.0-nightly-2025-10-03 and below do not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password resets, notifications, and administrative actions, this flaw can cause account ambiguity and, in certain configurations, may lead to privilege escalation or account takeover. This issue is fixed in version 4.0.13."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-286",
              "description": "CWE-286: Incorrect User Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284: Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-03T20:06:09.404Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-9wj2-4hcm-r74j",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-9wj2-4hcm-r74j"
        },
        {
          "name": "https://github.com/thorsten/phpMyFAQ/commit/44cd20f86eb041f39d1c30a9beefad1cc61dc0ec",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/thorsten/phpMyFAQ/commit/44cd20f86eb041f39d1c30a9beefad1cc61dc0ec"
        }
      ],
      "source": {
        "advisory": "GHSA-9wj2-4hcm-r74j",
        "discovery": "UNKNOWN"
      },
      "title": "phpMyFAQ duplicate email registration allows multiple accounts with the same email"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-59943",
    "datePublished": "2025-10-03T20:06:09.404Z",
    "dateReserved": "2025-09-23T14:33:49.505Z",
    "dateUpdated": "2025-10-03T20:45:27.185Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-7972 (GCVE-0-2025-7972)

Vulnerability from cvelistv5 – Published: 2025-08-14 14:47 – Updated: 2025-08-14 15:08
VLAI
Title
Rockwell Automation FactoryTalk® Linx Network Browser Security Bypass Vulnerability
Summary
A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-286 - Incorrect User Management
Assigner
Impacted products
Vendor Product Version
Rockwell Automation FactoryTalk® Linx Affected: All prior to 6.50
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7972",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-14T15:06:45.964707Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-14T15:08:22.952Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FactoryTalk\u00ae Linx",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "All prior to 6.50"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to \u2018development\u2019, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers. \u003c/span\u003e"
            }
          ],
          "value": "A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to \u2018development\u2019, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-286",
              "description": "CWE-286: Incorrect User Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-14T14:54:29.154Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1735.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Upgrade to version 6.50 or later."
            }
          ],
          "value": "Upgrade to version 6.50 or later."
        }
      ],
      "source": {
        "advisory": "SD1735",
        "discovery": "INTERNAL"
      },
      "title": "Rockwell Automation FactoryTalk\u00ae Linx Network Browser Security Bypass Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2025-7972",
    "datePublished": "2025-08-14T14:47:46.316Z",
    "dateReserved": "2025-07-21T19:25:20.271Z",
    "dateUpdated": "2025-08-14T15:08:22.952Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-52359 (GCVE-0-2024-52359)

Vulnerability from cvelistv5 – Published: 2024-11-19 19:39 – Updated: 2024-11-19 20:03
VLAI
Title
IBM Concert Software improper access controls
Summary
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to perform unauthorized actions that should be reserved to administrator used due to improper access controls.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-286 - Incorrect User Management
Assigner
ibm
References
Impacted products
Vendor Product Version
IBM Concert Software Affected: 1.0.0, 1.0.1, 1.0.2, 1.0.2.1
    cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:concert:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:concert:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:concert:1.0.2.1:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-52359",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T20:03:19.619226Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T20:03:35.927Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:concert:1.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:concert:1.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:concert:1.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:concert:1.0.2.1:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Concert Software",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "1.0.0, 1.0.1, 1.0.2, 1.0.2.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to perform unauthorized actions that should be reserved to administrator used due to improper access controls."
            }
          ],
          "value": "IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to perform unauthorized actions that should be reserved to administrator used due to improper access controls."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-286",
              "description": "CWE-286 Incorrect User Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-19T19:39:28.395Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "url": "https://www.ibm.com/support/pages/node/7176346"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IBM Concert Software improper access controls",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2024-52359",
    "datePublished": "2024-11-19T19:39:28.395Z",
    "dateReserved": "2024-11-10T16:11:09.566Z",
    "dateUpdated": "2024-11-19T20:03:35.927Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-48853 (GCVE-0-2024-48853)

Vulnerability from cvelistv5 – Published: 2025-05-22 16:38 – Updated: 2025-05-22 18:00
VLAI
Title
Authenticated Escalation to guest to root
Summary
An escalation of privilege vulnerability in ASPECT could provide an attacker root access to a server when logged in as a "non" root ASPECT user. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-286 - Incorrect User Management
Assigner
ABB
Impacted products
Vendor Product Version
ABB ASPECT-Enterprise Affected: 0 , ≤ 3.08.03 (custom)
Create a notification for this product.
ABB NEXUS Series Affected: 0 , ≤ 3.08.03 (custom)
Create a notification for this product.
ABB MATRIX Series Affected: 0 , ≤ 3.08.03 (custom)
Create a notification for this product.
Credits
ABB likes to thank Gjoko Krstikj, Zero Science Lab, for reporting the vulnerabilities in responsible disclosure
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-48853",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-22T17:42:17.116305Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-22T18:00:21.433Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "platforms": [
            "Linux"
          ],
          "product": "ASPECT-Enterprise",
          "vendor": "ABB",
          "versions": [
            {
              "lessThanOrEqual": "3.08.03",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "NEXUS Series",
          "vendor": "ABB",
          "versions": [
            {
              "lessThanOrEqual": "3.08.03",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "MATRIX Series",
          "vendor": "ABB",
          "versions": [
            {
              "lessThanOrEqual": "3.08.03",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "ABB likes to thank Gjoko Krstikj, Zero Science Lab, for reporting the vulnerabilities in responsible disclosure"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An escalation of privilege vulnerability in ASPECT could provide an attacker root access to a server when logged in as a \"non\" root ASPECT user.\u0026nbsp;\u003cp\u003eThis issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03.\u003c/p\u003e"
            }
          ],
          "value": "An escalation of privilege vulnerability in ASPECT could provide an attacker root access to a server when logged in as a \"non\" root ASPECT user.\u00a0This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 9.5,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/R:U/V:C",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-286",
              "description": "CWE-286 Incorrect User Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-22T16:39:17.433Z",
        "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
        "shortName": "ABB"
      },
      "references": [
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A0021\u0026LanguageCode=en\u0026DocumentPartId=pdf\u0026Action=Launch"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Authenticated Escalation to guest to root",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
    "assignerShortName": "ABB",
    "cveId": "CVE-2024-48853",
    "datePublished": "2025-05-22T16:38:34.648Z",
    "dateReserved": "2024-10-08T17:31:47.585Z",
    "dateUpdated": "2025-05-22T18:00:21.433Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-46671 (GCVE-0-2024-46671)

Vulnerability from cvelistv5 – Published: 2025-04-08 14:02 – Updated: 2025-04-08 14:30
VLAI
Summary
An Incorrect User Management vulnerability [CWE-286] in FortiWeb version 7.6.2 and below, version 7.4.6 and below, version 7.2.10 and below, version 7.0.11 and below widgets dashboard may allow an authenticated attacker with at least read-only admin permission to perform operations on the dashboard of other administrators via crafted requests.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-286 - Execute unauthorized code or commands
Assigner
References
Impacted products
Vendor Product Version
Fortinet FortiWeb Affected: 7.6.0 , ≤ 7.6.2 (semver)
Affected: 7.4.0 , ≤ 7.4.6 (semver)
Affected: 7.2.0 , ≤ 7.2.10 (semver)
Affected: 7.0.0 , ≤ 7.0.11 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-46671",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-08T14:28:42.465014Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-08T14:30:24.831Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [],
          "defaultStatus": "unaffected",
          "product": "FortiWeb",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.6.2",
              "status": "affected",
              "version": "7.6.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.4.6",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.10",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.11",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An Incorrect User Management vulnerability [CWE-286] in FortiWeb version 7.6.2 and below, version 7.4.6 and below, version 7.2.10 and below, version 7.0.11 and below widgets dashboard may allow an authenticated attacker with at least read-only admin permission to perform operations on the dashboard of other administrators via crafted requests."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H/E:P/RL:U/RC:R",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-286",
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-08T14:02:59.350Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-184",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-184"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiWeb version 7.6.3 or above \nPlease upgrade to FortiWeb version 7.4.7 or above \nPlease upgrade to FortiWeb version 7.2.11 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2024-46671",
    "datePublished": "2025-04-08T14:02:59.350Z",
    "dateReserved": "2024-09-11T12:14:59.206Z",
    "dateUpdated": "2025-04-08T14:30:24.831Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45425 (GCVE-0-2024-45425)

Vulnerability from cvelistv5 – Published: 2025-02-25 19:38 – Updated: 2025-02-26 16:57
VLAI
Title
Zoom Workplace Apps - Incorrect User Management
Summary
Incorrect user management in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-286 - Incorrect User Management
Assigner
Impacted products
Date Public
2024-09-10 12:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45425",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T16:55:06.643915Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-26T16:57:20.637Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows",
            "MacOS",
            "Linux",
            "iOS",
            "Android"
          ],
          "product": "Zoom Workplace Apps",
          "vendor": "Zoom Communications, Inc",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "datePublic": "2024-09-10T12:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Incorrect user management in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Incorrect user management in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-286",
              "description": "CWE-286 Incorrect User Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-25T19:38:02.925Z",
        "orgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
        "shortName": "Zoom"
      },
      "references": [
        {
          "url": "https://www.zoom.com/en/trust/security-bulletin/zsb-24037/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Zoom Workplace Apps - Incorrect User Management",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
    "assignerShortName": "Zoom",
    "cveId": "CVE-2024-45425",
    "datePublished": "2025-02-25T19:38:02.925Z",
    "dateReserved": "2024-08-28T21:50:25.333Z",
    "dateUpdated": "2025-02-26T16:57:20.637Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-28020 (GCVE-0-2024-28020)

Vulnerability from cvelistv5 – Published: 2024-06-11 18:20 – Updated: 2024-10-29 14:22
VLAI
Summary
A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious high-privileged user could use the passwords and login information through complex routines to extend access on the server and other services.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-286 - Incorrect User Management
Assigner
Impacted products
Vendor Product Version
Hitachi Energy FOXMAN-UN Affected: FOXMAN-UN R16B
Affected: FOXMAN-UN R15B
Affected: FOXMAN-UN R16A
Affected: FOXMAN-UN R15A
Create a notification for this product.
Hitachi Energy UNEM Affected: UNEM R16B
Affected: UNEM R15B
Affected: UNEM R16A
Affected: UNEM R15A
Create a notification for this product.
hitachienergy foxman-un Affected: r16b
Affected: r15b
Affected: r15a
Affected: r16a
    cpe:2.3:a:hitachienergy:foxman-un:*:*:*:*:*:*:*:*
Create a notification for this product.
hitachienergy unem Affected: r15b
Affected: r16b
Affected: r15a
Affected: r16a
    cpe:2.3:a:hitachienergy:unem:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:hitachienergy:foxman-un:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "foxman-un",
            "vendor": "hitachienergy",
            "versions": [
              {
                "status": "affected",
                "version": "r16b"
              },
              {
                "status": "affected",
                "version": "r15b"
              },
              {
                "status": "affected",
                "version": "r15a"
              },
              {
                "status": "affected",
                "version": "r16a"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hitachienergy:unem:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "unem",
            "vendor": "hitachienergy",
            "versions": [
              {
                "status": "affected",
                "version": "r15b"
              },
              {
                "status": "affected",
                "version": "r16b"
              },
              {
                "status": "affected",
                "version": "r15a"
              },
              {
                "status": "affected",
                "version": "r16a"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-28020",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T20:27:26.873565Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T20:34:29.900Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:48:47.637Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194\u0026languageCode=en\u0026Preview=true"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201\u0026languageCode=en\u0026Preview=true"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FOXMAN-UN",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "FOXMAN-UN R16B"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R15B"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R16A"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R15A"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "UNEM",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "UNEM R16B"
            },
            {
              "status": "affected",
              "version": "UNEM R15B"
            },
            {
              "status": "affected",
              "version": "UNEM R16A"
            },
            {
              "status": "affected",
              "version": "UNEM R15A"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application\nand server management. If exploited a malicious high-privileged\nuser could use the passwords and login information through complex routines to extend access on the server and other services."
            }
          ],
          "value": "A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application\nand server management. If exploited a malicious high-privileged\nuser could use the passwords and login information through complex routines to extend access on the server and other services."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-286",
              "description": "CWE-286 Incorrect User Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-29T14:22:19.869Z",
        "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "shortName": "Hitachi Energy"
      },
      "references": [
        {
          "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194\u0026languageCode=en\u0026Preview=true"
        },
        {
          "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201\u0026languageCode=en\u0026Preview=true"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
    "assignerShortName": "Hitachi Energy",
    "cveId": "CVE-2024-28020",
    "datePublished": "2024-06-11T18:20:35.573Z",
    "dateReserved": "2024-02-29T13:42:00.745Z",
    "dateUpdated": "2024-10-29T14:22:19.869Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-27269 (GCVE-0-2024-27269)

Vulnerability from cvelistv5 – Published: 2024-05-10 16:58 – Updated: 2024-08-02 00:27
VLAI
Title
IBM QRadar SIEM information disclosure
Summary
IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. IBM X-Force ID: 284575.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-286 - Incorrect User Management
Assigner
ibm
Impacted products
Vendor Product Version
IBM QRadar SIEM Affected: 7.5
Create a notification for this product.
ibm qradar_siem Affected: 7.5
    cpe:2.3:a:ibm:qradar_siem:7.5:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ibm:qradar_siem:7.5:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "qradar_siem",
            "vendor": "ibm",
            "versions": [
              {
                "status": "affected",
                "version": "7.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27269",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-10T20:06:18.582689Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:47:00.230Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:27:59.955Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/pages/node/7150684"
          },
          {
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/284575"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "QRadar SIEM",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "7.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants.  IBM X-Force ID:  284575."
            }
          ],
          "value": "IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants.  IBM X-Force ID:  284575."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-286",
              "description": "CWE-286 Incorrect User Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-10T16:58:20.964Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.ibm.com/support/pages/node/7150684"
        },
        {
          "tags": [
            "vdb-entry"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/284575"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IBM QRadar SIEM information disclosure",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2024-27269",
    "datePublished": "2024-05-10T16:58:20.964Z",
    "dateReserved": "2024-02-22T01:26:52.586Z",
    "dateUpdated": "2024-08-02T00:27:59.955Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.