Register
Login
Toggle navigation
SaaS Solutions
Vulnerability Intelligence
Pricing
Vulnerabilities
Reports
Blog
Contact Us
Career
Main
Vulnerability Database
CWE List
With exploit
With patch
CWE-639 - Authorization Bypass Through User-Controlled Key
Description
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Latest vulnerabilities for CWE-639
Authorization bypass through user-controlled key in Rundeck
2022-03-04
Medium
Yes
Privilege escalation in Nextcloud Deck
2021-10-26
Medium
Yes
Authorization bypass through user-controlled key in Mitsubishi Electric MELSEC iQ-R Series
2021-10-15
High
No
Multiple vulnerabilities in Siemens Teamcenter
2021-09-17
Medium
Yes
Authorization bypass through user-controlled key in Siemens Industrial Edge
2021-09-16
High
Yes
Authorization bypass through user-controlled key in Nextcloud Circles
2021-09-07
Medium
Yes
References
Description of CWE-639 on Mitre website