CWE-767 (Access to Critical Private Variable via Public Method) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.
The product defines a public method that reads or modifies a private variable.
| Kind | Name | Class | Prevalence | OS / CPE |
|---|---|---|---|---|
| language | C++ | — | Undetermined | — |
| language | C# | — | Undetermined | — |
| language | Java | — | Undetermined | — |
These CVEs are mapped to this weakness in this database and kept for traceability and search.
| CVE | Published | Summary |
|---|---|---|
| CVE-2024-36463 | 2024-11-26 | The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects. |
| CVE-2024-34162 | 2024-11-26 | The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP authentication to "SIMPLE", the device communicates with the LDAP… |
| CVE-2020-26868 | 2020-10-12 | ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability of an unauthorized user to modify information used to validate messages sent by legitimat… |
| CVE-2016-8380 | 2018-04-05 | The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication. |
| Date | Name | Version | Importance | Comment |
|---|---|---|---|---|
| 2011-06-01 | CWE Content Team | 1.13 | — | updated Common_Consequences |
| 2012-05-11 | CWE Content Team | 2.2 | — | updated Relationships |
| 2014-07-30 | CWE Content Team | 2.8 | — | updated Relationships, Taxonomy_Mappings |
| 2017-11-08 | CWE Content Team | 3.0 | — | updated Likelihood_of_Exploit, Relationships, Taxonomy_Mappings |
| 2019-01-03 | CWE Content Team | 3.2 | — | updated Taxonomy_Mappings |
| 2020-02-24 | CWE Content Team | 4.0 | — | updated Relationships |
| 2021-03-15 | CWE Content Team | 4.4 | — | updated Relationships |
| 2023-01-31 | CWE Content Team | 4.10 | — | updated Description |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated Relationships, Time_of_Introduction, Type |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |
| 2025-12-11 | CWE Content Team | 4.19 | — | updated Weakness_Ordinalities |