Register
Login
Toggle navigation
SaaS Solutions
Vulnerability Intelligence
Vulnerability Management
Pricing
Vulnerabilities
Reports
Blog
Contact Us
Main
Vulnerability Database
CWE List
CWE-639 - Authorization Bypass Through User-Controlled Key
Description
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Latest vulnerabilities for CWE-639
IBM DataStage on Cloud Pak for Data update for Apache ZooKeeper
2025-06-13
Medium
Yes
Authorization bypass through user-controlled key in FortiPortal
2025-06-11
Low
Yes
Multiple vulnerabilities in Cisco Unified Intelligence Center and Unified Contact Center Express
2025-05-22
Medium
Yes
Insecure Direct Object Reference in Download manager extension for TYPO3
2025-05-21
Medium
Yes
Insecure Direct Object Reference in femanager extension for TYPO3
2025-05-21
Medium
Yes
Multiple vulnerabilities in Front End User Registration extension for TYPO3
2025-05-21
High
Yes
Multiple vulnerabilities in IBM Knowledge Catalog for IBM Cloud Pak for Data
2025-05-09
High
Yes
Public exploit
Multiple vulnerabilities in Growatt cloud portal
2025-04-30
High
Yes
Information disclosure in Synology Media Server
2025-04-11
High
Yes
Spoofing attack in ManageEngine Endpoint Central
2025-04-07
Low
Yes
References
Description of CWE-639 on Mitre website