You fix the vulnerability by fixing the vulnerable code.
Unfortunately, since you haven't provided any details of your code, nor a clear description of the vulnerability, we can't help you to do that. All we can do is point you to the generic advice on the topic:
A01 Broken Access Control - OWASP Top 10:2021[
^]