CWE-639: Authorization Bypass Through User-Controlled Key
Abstraction: Base · Status: Incomplete
Category: auth
Description
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Common consequences (3)
- Access Control — Bypass Protection Mechanism: Access control checks for specific user data or functionality can be bypassed.
- Access Control — Gain Privileges or Assume Identity: Horizontal escalation of privilege is possible (one user can view/modify information of another user).
- Access Control — Gain Privileges or Assume Identity: Vertical escalation of privilege is possible if the user-controlled key is actually a flag that indicates administrator status, allowing the attacker to gain administrative access.
Potential mitigations (3)
- [Architecture and Design] For each and every data access, ensure that the user has sufficient privilege to access the record that is being requested.
- [Architecture and Design, Implementation] Make sure that the key that is used in the lookup of a specific user's record is not controllable externally by the user, or that any tampering can be detected.
- [Architecture and Design] Use encryption in order to make it more difficult to guess other legitimate values of the key, or associate a digital signature with the key so that the server can verify that there has been no tampering.
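The three mitigations above, worked through in code as an added example (this is not code from the CWE entry or from any referenced project). It shows the CWE-639 lookup that trusts a caller-supplied id, the same lookup with a per-access ownership check, and an HMAC-signed key bound to the user so the server can detect tampering. The record store, user names, secret and `AUDIT_LOG` are constructed for the illustration.

```python
"""Added example for CWE-639: an object lookup keyed by a user-controlled id,
first without an ownership check, then with one, plus an HMAC-signed key that
lets the server detect tampering. Names, data and the secret are constructed
for this illustration; nothing here comes from a real application."""
import hmac
import hashlib

# Constructed sample store: record id -> owner and data. A real system reads a DB table.
RECORDS = {
    1001: {"owner": "alice", "balance": 120.00},
    1002: {"owner": "bob", "balance": 75.50},
}

# Constructed server-side secret; in practice load it from a secrets manager, never from the request.
SERVER_SECRET = b"constructed-demo-secret-do-not-reuse"

# Denied accesses are appended here so they can be shipped to a SIEM; a burst of
# denials from one session across many different ids is the signal worth alerting on.
AUDIT_LOG = []


class Forbidden(Exception):
    pass


def get_record_vulnerable(current_user, record_id):
    """CWE-639 pattern: the key from the request goes straight into the lookup.
    The caller was authenticated, but authorization for *this* record never happens."""
    return RECORDS[record_id]


def get_record_checked(current_user, record_id):
    """Mitigation 1: every data access verifies that the caller owns the record.
    Missing and foreign records get the same response so ids cannot be enumerated."""
    rec = RECORDS.get(record_id)
    if rec is None or rec["owner"] != current_user:
        AUDIT_LOG.append({"user": current_user, "record_id": record_id, "outcome": "denied"})
        raise Forbidden("record not accessible")
    return rec


def _tag(user, record_id):
    # Bind the MAC to both the user and the id, so a key copied from another user's session fails.
    msg = f"{user}:{record_id}".encode()
    return hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()


def issue_key(user, record_id):
    """Mitigation 3: give the client an opaque key carrying the id and a MAC over (user, id)."""
    return f"{record_id}.{_tag(user, record_id)}"


def verify_key(user, key):
    """Reject any key whose MAC does not match; return the record id only on success."""
    try:
        id_str, tag = key.split(".", 1)
        record_id = int(id_str)
    except ValueError:
        raise Forbidden("malformed key") from None
    if not hmac.compare_digest(tag, _tag(user, record_id)):
        AUDIT_LOG.append({"user": user, "key": key, "outcome": "tamper-detected"})
        raise Forbidden("key tampered or issued to another user")
    return record_id


def get_record_by_key(user, key):
    """Mitigations 2 and 3 together: verify the signed key, then still apply the ownership check.
    The signature stops tampering; the ownership check remains the actual authorization decision."""
    return get_record_checked(user, verify_key(user, key))


if __name__ == "__main__":
    print("vulnerable lookup by alice of bob's record:", get_record_vulnerable("alice", 1002))
    key = issue_key("alice", 1001)
    print("checked lookup with alice's own key:", get_record_by_key("alice", key))
    for user, k in (("alice", "1002." + key.split(".", 1)[1]), ("bob", key)):
        try:
            get_record_by_key(user, k)
        except Forbidden as exc:
            print(f"{user} with key {k[:12]}...: {exc}")
    print("audit events:", AUDIT_LOG)
```

Note that the signed key alone is not enough: if the MAC covered only the record id, a key obtained by one user would validate for any other user, which is exactly the horizontal escalation described above. Binding the MAC to the user, and keeping the ownership check on every access, closes that gap; the `AUDIT_LOG` entries are what a detection rule should key on.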
References
Compliance frameworks addressing this (incoming, 3)
| Type | Target | Confidence | Tier |
|---|---|---|---|
| ComplianceControl | owasp_api_top10-api01 | 100% | live |
| ComplianceControl | owasp_top10-a01 | 100% | live |
| ComplianceControl | owasp_api_top10-api03 | 100% | live |
(incoming, 147)
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Vulnerability | CVE-2025-0987 | 0% | live |
| Vulnerability | CVE-2025-10742 | 0% | live |
| Vulnerability | CVE-2025-11690 | 0% | live |
| Vulnerability | CVE-2025-11957 | 0% | live |
| Vulnerability | CVE-2025-12008 | 0% | live |
| Vulnerability | CVE-2025-12283 | 0% | live |
| Vulnerability | CVE-2025-12288 | 0% | live |
| Vulnerability | CVE-2025-13615 | 0% | live |
| Vulnerability | CVE-2025-13768 | 0% | live |
| Vulnerability | CVE-2025-14459 | 0% | live |
| Vulnerability | CVE-2025-14996 | 0% | live |
| Vulnerability | CVE-2025-14998 | 0% | live |
| Vulnerability | CVE-2025-15001 | 0% | live |
| Vulnerability | CVE-2025-15018 | 0% | live |
| Vulnerability | CVE-2025-15025 | 0% | live |
| Vulnerability | CVE-2025-15096 | 0% | live |
| Vulnerability | CVE-2025-15521 | 0% | live |
| Vulnerability | CVE-2025-15582 | 0% | live |
| Vulnerability | CVE-2025-2526 | 0% | live |
| Vulnerability | CVE-2025-25282 | 0% | live |
| Vulnerability | CVE-2025-25777 | 0% | live |
| Vulnerability | CVE-2025-26788 | 0% | live |
| Vulnerability | CVE-2025-27507 | 0% | live |
| Vulnerability | CVE-2025-34436 | 0% | live |
| Vulnerability | CVE-2025-34437 | 0% | live |
| Vulnerability | CVE-2025-34438 | 0% | live |
| Vulnerability | CVE-2025-3605 | 0% | live |
| Vulnerability | CVE-2025-3610 | 0% | live |
| Vulnerability | CVE-2025-3810 | 0% | live |
| Vulnerability | CVE-2025-3811 | 0% | live |
Showing top 30 of 147 by confidence.
Related by meaning (6)
Nearest entities by semantic similarity across the cs-graph corpus.