CWE-612
7 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-612
- CVE-2022-22565 | MEDIUM | CVSS 4.7 | EG 3.8 | 2022-04-12
Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. An authenticated and privileged user could potentially exploit this vulnerability, leading to disclosure or modificat…
- CVE-2022-35980 | HIGH | CVSS 7.5 | EG 7.5 | 2022-08-12
OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. Versions 2.0.0.0 and 2.1.0.0 of the security plugin are affected by an information disclosure vulnerability. Requests to an OpenSearch…
- CVE-2022-41918 | MEDIUM | CVSS 6.3 | EG 6.3 | 2022-11-15
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. There is an issue with the implementation of fine-grained access control rules (document-level security, field-level security and field masking) where they are…
- CVE-2023-2260 | HIGH | CVSS 8.8 | EG 8.8 | 2023-04-24
Authorization Bypass Through User-Controlled Key in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.
- CVE-2023-4560 | MEDIUM | CVSS 6.5 | EG 6.5 | 2023-08-28
Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4.
- CVE-2024-25635 | HIGH | CVSS 8.8 | EG 8.8 | 2024-02-19
alf.io is an open source ticket reservation system. Prior to version 2.0-Mr-2402, organization owners can view the generated API KEY and USERS of other organization owners using the `http://192.168.26.128:8080/admin/api/users/<user_id>` en…
- CVE-2024-49071 | MEDIUM | CVSS 6.5 | EG 6.5 | 2024-12-12
Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network.