Register
Login
Toggle navigation
SaaS Solutions
Vulnerability Intelligence
Pricing
Vulnerabilities
Reports
Blog
Contact Us
Main
Vulnerability Database
CWE List
With exploit
With patch
CWE-639 - Authorization Bypass Through User-Controlled Key
Description
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Latest vulnerabilities for CWE-639
Authorization bypass through user-controlled key in WordPress Awesome Support plugin
2022-12-05
Low
Yes
Authorization bypass through user-controlled key in WordPress TeraWallet For WooCommerce plugin
2022-12-05
Medium
Yes
Multiple vulnerabilities in Red Hat Fuse
2022-11-28
High
Yes
Multiple vulnerabilities in SolarWinds Orion Platform
2022-10-19
Low
Yes
Multiple vulnerabilities in IBM Security Guardium
2022-09-22
Medium
Yes
Authorization bypass in uri.js
2022-08-29
Medium
Yes
Multiple vulnerabilities in MiCODUS MV720 GPS tracker
2022-07-20
High
No
Authorization bypass through user-controlled key in Nextcloud Mail
2022-07-18
Medium
Yes
Multiple vulnerabilities in Grafana
2022-06-16
Medium
Yes
Missing authorization in Bus Pass Management System
2022-06-06
Medium
No
References
Description of CWE-639 on Mitre website