Common Weakness Enumeration

CWE-863

Allowed-with-Review

Incorrect Authorization

Abstraction: Class · Status: Incomplete

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

5556 vulnerabilities reference this CWE, most recent first.

GHSA-3QJC-QH2Q-VHXR

Vulnerability from github – Published: 2023-06-09 21:30 – Updated: 2024-04-04 04:42
VLAI
Details

An issue found in FlightAware v.5.8.0 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the database files.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-29759"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-09T20:15:09Z",
    "severity": "MODERATE"
  },
  "details": "An issue found in FlightAware v.5.8.0 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the database files.",
  "id": "GHSA-3qjc-qh2q-vhxr",
  "modified": "2024-04-04T04:42:51Z",
  "published": "2023-06-09T21:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29759"
    },
    {
      "type": "WEB",
      "url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29759/CVE%20detailed.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3QR4-W96F-672V

Vulnerability from github – Published: 2023-06-15 21:30 – Updated: 2025-03-04 18:22
VLAI
Summary
Magento Open Source allows Incorrect Authorization
Details

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to modify a minor functionality of another user's data. Exploitation of this issue does not require user interaction.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "magento/community-edition"
      },
      "versions": [
        "2.4.6"
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "magento/community-edition"
      },
      "versions": [
        "2.4.5"
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "magento/community-edition"
      },
      "versions": [
        "2.4.4"
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "magento/community-edition"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.5-p1"
            },
            {
              "fixed": "2.4.5-p3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "magento/community-edition"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.4-p1"
            },
            {
              "fixed": "2.4.4-p4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "magento/project-community-edition"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "2.0.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-29296"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-03-04T18:22:38Z",
    "nvd_published_at": "2023-06-15T19:15:11Z",
    "severity": "LOW"
  },
  "details": "Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to modify a minor functionality of another user\u0027s data. Exploitation of this issue does not require user interaction.",
  "id": "GHSA-3qr4-w96f-672v",
  "modified": "2025-03-04T18:22:38Z",
  "published": "2023-06-15T21:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29296"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/magento/magento2"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Magento Open Source allows Incorrect Authorization"
}

GHSA-3QVQ-H337-WPRV

Vulnerability from github – Published: 2025-07-10 09:32 – Updated: 2025-07-10 09:32
VLAI
Details

An issue has been discovered in GitLab EE affecting all versions from 13.3 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that could have allowed authenticated project owners to bypass group-level forking restrictions by manipulating API requests.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-3396"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-10T09:15:29Z",
    "severity": "MODERATE"
  },
  "details": "An issue has been discovered in GitLab EE affecting all versions from 13.3 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that could have allowed authenticated project owners to bypass group-level forking restrictions by manipulating API requests.",
  "id": "GHSA-3qvq-h337-wprv",
  "modified": "2025-07-10T09:32:31Z",
  "published": "2025-07-10T09:32:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3396"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/3079956"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/534636"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3QX4-GWGH-93VC

Vulnerability from github – Published: 2025-01-16 21:30 – Updated: 2025-02-03 21:31
VLAI
Details

An access control issue in the component form2WlanBasicSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G wlan service of the device via a crafted POST request.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-57676"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-16T19:15:28Z",
    "severity": "MODERATE"
  },
  "details": "An access control issue in the component form2WlanBasicSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the 2.4G and 5G wlan service of the device via a crafted POST request.",
  "id": "GHSA-3qx4-gwgh-93vc",
  "modified": "2025-02-03T21:31:49Z",
  "published": "2025-01-16T21:30:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57676"
    },
    {
      "type": "WEB",
      "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2WlanBasicSetup.md"
    },
    {
      "type": "WEB",
      "url": "https://www.dlink.com/en/security-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3QXR-H63Q-M7X3

Vulnerability from github – Published: 2022-05-13 01:01 – Updated: 2022-05-13 01:01
VLAI
Details

An exploitable improper authorization vulnerability exists in miner_start API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to trigger this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-12117"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-01-19T22:29:00Z",
    "severity": "HIGH"
  },
  "details": "An exploitable improper authorization vulnerability exists in miner_start API of cpp-ethereum\u0027s JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to trigger this vulnerability.",
  "id": "GHSA-3qxr-h63q-m7x3",
  "modified": "2022-05-13T01:01:37Z",
  "published": "2022-05-13T01:01:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12117"
    },
    {
      "type": "WEB",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0469"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/102475"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3R2P-7J7F-FC8Q

Vulnerability from github – Published: 2025-01-08 21:32 – Updated: 2025-01-31 18:31
VLAI
Details

A vulnerability in the firewall component of HPE Aruba Networking CX 10000 Series Switches exists. It could allow an unauthenticated adjacent attacker to conduct a packet forwarding attack against the ICMP and UDP protocol. For this attack to be successful an attacker requires a switch configuration that allows packets routing (at layer 3). Configurations that do not allow network traffic routing are not impacted. Successful exploitation could allow an attacker to bypass security policies, potentially leading to unauthorized data exposure.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-54010"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-08T21:15:12Z",
    "severity": "LOW"
  },
  "details": "A vulnerability in the firewall component of HPE Aruba Networking CX 10000 Series Switches  exists. It could allow an unauthenticated adjacent attacker to conduct a packet  forwarding attack against the ICMP and UDP protocol. For this attack to be successful an attacker requires a switch configuration that allows packets routing (at layer 3). Configurations that do not allow network traffic routing are not impacted. Successful exploitation could allow an attacker to bypass security policies, potentially leading to unauthorized data exposure.",
  "id": "GHSA-3r2p-7j7f-fc8q",
  "modified": "2025-01-31T18:31:04Z",
  "published": "2025-01-08T21:32:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54010"
    },
    {
      "type": "WEB",
      "url": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04772.txt"
    },
    {
      "type": "WEB",
      "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04772en_us\u0026docLocale=en_US"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3R49-G977-5JHX

Vulnerability from github – Published: 2023-05-08 21:31 – Updated: 2024-04-04 03:51
VLAI
Details

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to modify protected parts of the file system

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-23538"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-08T20:15:16Z",
    "severity": "MODERATE"
  },
  "details": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to modify protected parts of the file system",
  "id": "GHSA-3r49-g977-5jhx",
  "modified": "2024-04-04T03:51:33Z",
  "published": "2023-05-08T21:31:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23538"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213670"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213677"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3R4H-X82W-7JGC

Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2022-07-13 00:01
VLAI
Details

Docker Desktop before 3.6.0 suffers from incorrect access control. If a low-privileged account is able to access the server running the Windows containers, it can lead to a full container compromise in both process isolation and Hyper-V isolation modes. This security issue leads an attacker with low privilege to read, write and possibly even execute code inside the containers.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-37841"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-12T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "Docker Desktop before 3.6.0 suffers from incorrect access control. If a low-privileged account is able to access the server running the Windows containers, it can lead to a full container compromise in both process isolation and Hyper-V isolation modes. This security issue leads an attacker with low privilege to read, write and possibly even execute code inside the containers.",
  "id": "GHSA-3r4h-x82w-7jgc",
  "modified": "2022-07-13T00:01:34Z",
  "published": "2022-05-24T19:10:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37841"
    },
    {
      "type": "WEB",
      "url": "https://docs.docker.com/docker-for-windows/release-notes"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3R6V-762W-V9RW

Vulnerability from github – Published: 2025-01-30 18:32 – Updated: 2025-01-31 00:30
VLAI
Details

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.3, macOS Sonoma 14.7.3. A local attacker may be able to elevate their privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-24099"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-30T17:15:18Z",
    "severity": "MODERATE"
  },
  "details": "The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.3, macOS Sonoma 14.7.3. A local attacker may be able to elevate their privileges.",
  "id": "GHSA-3r6v-762w-v9rw",
  "modified": "2025-01-31T00:30:44Z",
  "published": "2025-01-30T18:32:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24099"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122068"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122069"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122070"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3R8V-2XMJ-5C39

Vulnerability from github – Published: 2026-06-30 18:16 – Updated: 2026-06-30 18:16
VLAI
Summary
Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook
Details

Summary

A Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by the admission webhook; PackageRef.Namespace was not.

Details

A tenant with functions.fission.io/create in their own namespace could set spec.package.packageref.namespace to any other namespace. When the function is invoked, the fetcher sidecar reads the victim Package using the fission-fetcher service account's namespace-wide get packages permission and writes its contents to /userfunc/deployarchive inside the attacker's pool pod, exposing the victim's source code and any embedded credentials.

The fission-fetcher SA holds get packages in every configured function namespace (granted by charts/fission-all/templates/_function-access-role.tpl), so the namespace check was the only barrier between the attacker and any in-cluster Fission Package.

Impact

A function author in one namespace could read the deployment archive — and therefore the source code and embedded secrets — of any Package in any other namespace.

Fix

Fixed in #3389 and released in v1.24.0.

The admission webhook (pkg/webhook/function.go::Validate) rejects Function.spec.package.packageref.namespace != metadata.namespace. An empty namespace remains accepted (controllers default it to the function's namespace). This shipped together with the EnvironmentRef cross-namespace check (GHSA-cvw6-gfvv-953q).

Behavioural change

Functions that explicitly set spec.package.packageref.namespace to a different namespace are now rejected at admission.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.23.0"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/fission/fission"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.24.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-49823"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284",
      "CWE-863"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-30T18:16:33Z",
    "nvd_published_at": "2026-06-10T18:17:10Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n\nA Fission Function spec carries three reference types \u2014 Secret, ConfigMap, and Package. The first two were namespace-validated by the admission webhook; `PackageRef.Namespace` was not.\n\n### Details\n\nA tenant with `functions.fission.io/create` in their own namespace could set `spec.package.packageref.namespace` to any other namespace. When the function is invoked, the fetcher sidecar reads the victim Package using the\n`fission-fetcher` service account\u0027s namespace-wide `get packages` permission and writes its contents to `/userfunc/deployarchive` inside the attacker\u0027s pool pod, exposing the victim\u0027s source code and any embedded credentials.\n\nThe `fission-fetcher` SA holds `get packages` in every configured function namespace (granted by `charts/fission-all/templates/_function-access-role.tpl`), so the namespace check was the only barrier between the attacker and any\nin-cluster Fission Package.\n\n### Impact\n\nA function author in one namespace could read the deployment archive \u2014 and therefore the source code and embedded secrets \u2014 of any Package in any other namespace.\n\n### Fix\n\nFixed in [#3389](https://github.com/fission/fission/pull/3389) and released in [v1.24.0](https://github.com/fission/fission/releases/tag/v1.24.0).\n\nThe admission webhook (`pkg/webhook/function.go::Validate`) rejects `Function.spec.package.packageref.namespace != metadata.namespace`. An empty namespace remains accepted (controllers default it to the function\u0027s namespace). This\nshipped together with the EnvironmentRef cross-namespace check (GHSA-cvw6-gfvv-953q).\n\n### Behavioural change\n\nFunctions that explicitly set `spec.package.packageref.namespace` to a different namespace are now rejected at admission.",
  "id": "GHSA-3r8v-2xmj-5c39",
  "modified": "2026-06-30T18:16:33Z",
  "published": "2026-06-30T18:16:33Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/fission/fission/security/advisories/GHSA-3r8v-2xmj-5c39"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49823"
    },
    {
      "type": "WEB",
      "url": "https://github.com/fission/fission/pull/3389"
    },
    {
      "type": "WEB",
      "url": "https://github.com/fission/fission/commit/80e7ba55228e1ef426f51353e25d2682ec61de34"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/fission/fission"
    },
    {
      "type": "WEB",
      "url": "https://github.com/fission/fission/releases/tag/v1.24.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook"
}

Mitigation
Architecture and Design
  • Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
  • Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Architecture and Design

Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].

Mitigation MIT-4.4
Architecture and Design

Strategy: Libraries or Frameworks

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
Architecture and Design
  • For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
  • One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
System Configuration Installation

Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.

No CAPEC attack patterns related to this CWE.