- What is CWE-863?
- The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
- What CVEs are caused by CWE-863?
- 2,019 recorded CVEs are attributed to CWE-863, including CVE-2025-54253, CVE-2019-7192, CVE-2025-21479. 16 are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- How do you prevent CWE-863?
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- How is CWE-863 detected?
- Automated Static Analysis: Automated static analysis is useful for detecting commonly-used idioms for authorization. A tool may be able to analyze related configuration files, such as .htaccess in Apache web servers, or detect the usage of commonly-used authorization libraries.
- What are the consequences of CWE-863?
- Exploiting CWE-863 can lead to: Read Application Data, Read Files or Directories, Modify Application Data, Modify Files or Directories, Gain Privileges or Assume Identity, Bypass Protection Mechanism.
- Is CWE-863 actively exploited?
- Yes. 16 CWE-863 vulnerabilities are in CISA's KEV catalog of actively exploited flaws, out of 2,019 recorded CVEs.