CWE-269
DiscouragedImproper Privilege Management
Abstraction: Class · Status: Draft
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
5455 vulnerabilities reference this CWE, most recent first.
GHSA-C9PV-GW7F-R9FM
Vulnerability from github – Published: 2026-07-18 09:32 – Updated: 2026-07-18 09:32VMware Avi Load Balancer contains a local privilege escalation vulnerability. A malicious user with local access may be able to escalate their privileges to run code as root.
Affected versions: 32.1.1 (fixed in 32.1.2) 31.1.1 through 31.2.2 (fixed in 31.2.2-2p3) 30.1.1 through 30.2.6 (fixed in 30.2.7) 22.1.1 through 22.1.7 (fixed in 30.2.7)
{
"affected": [],
"aliases": [
"CVE-2026-47868"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-18T09:17:08Z",
"severity": "HIGH"
},
"details": "VMware Avi Load Balancer contains a local privilege escalation vulnerability. A malicious user with local access may be able to escalate their privileges to run code as root.\n\nAffected versions:\n32.1.1 (fixed in 32.1.2)\n31.1.1 through 31.2.2 (fixed in 31.2.2-2p3)\n30.1.1 through 30.2.6 (fixed in 30.2.7)\n22.1.1 through 22.1.7 (fixed in 30.2.7)",
"id": "GHSA-c9pv-gw7f-r9fm",
"modified": "2026-07-18T09:32:18Z",
"published": "2026-07-18T09:32:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47868"
},
{
"type": "WEB",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37926"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C9V4-RXRM-VMC5
Vulnerability from github – Published: 2022-05-24 19:12 – Updated: 2022-05-24 19:12Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root.
{
"affected": [],
"aliases": [
"CVE-2021-30355"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-01T19:15:00Z",
"severity": "HIGH"
},
"details": "Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root.",
"id": "GHSA-c9v4-rxrm-vmc5",
"modified": "2022-05-24T19:12:41Z",
"published": "2022-05-24T19:12:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30355"
},
{
"type": "WEB",
"url": "https://research.checkpoint.com/2021/i-can-take-over-your-kindle"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-C9VM-R7MJ-WM49
Vulnerability from github – Published: 2025-02-22 03:30 – Updated: 2025-02-22 03:30IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4.6.6, 4.7.0 through 4.7.4, and 4.8.0 through 4.8.7 could allow unauthorized data access from a remote data source object due to improper privilege management.
{
"affected": [],
"aliases": [
"CVE-2024-22341"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-73"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-22T01:15:10Z",
"severity": "MODERATE"
},
"details": "IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4.6.6, 4.7.0 through 4.7.4, and 4.8.0 through 4.8.7 could allow unauthorized data access from a remote data source object due to improper privilege management.",
"id": "GHSA-c9vm-r7mj-wm49",
"modified": "2025-02-22T03:30:37Z",
"published": "2025-02-22T03:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22341"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7183851"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C9W5-QP6M-M395
Vulnerability from github – Published: 2026-05-28 18:30 – Updated: 2026-07-09 23:32Casdoor versions 2.362.0 and earlier contain a vulnerability enabling cross-organization token exchange. The GetTokenExchangeToken function in object/token_oauth.go validates JWT signatures but does not verify that the token's user belongs to the same organization as the target application. This can result in privilege escalation across organizational boundaries.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/casdoor/casdoor"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.387.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-9094"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2026-07-09T23:32:36Z",
"nvd_published_at": "2026-05-28T17:16:34Z",
"severity": "CRITICAL"
},
"details": "Casdoor versions 2.362.0 and earlier contain a vulnerability enabling cross-organization token exchange. The GetTokenExchangeToken function in object/token_oauth.go validates JWT signatures but does not verify that the token\u0027s user belongs to the same organization as the target application. This can result in privilege escalation across organizational boundaries.",
"id": "GHSA-c9w5-qp6m-m395",
"modified": "2026-07-09T23:32:36Z",
"published": "2026-05-28T18:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9094"
},
{
"type": "WEB",
"url": "https://github.com/casdoor/casdoor/commit/d92b8568686d"
},
{
"type": "PACKAGE",
"url": "https://github.com/casdoor/casdoor"
},
{
"type": "WEB",
"url": "https://kb.cert.org/vuls/id/780781"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Casdoor: GetTokenExchangeToken bypass through lack of cross-organization JWT signature check"
}
GHSA-C9X9-XV66-XP3V
Vulnerability from github – Published: 2021-11-10 15:30 – Updated: 2021-11-08 18:54A flaw was found in Keycloak, where it would permit a user with a view-profile role to manage the resources in the new account console. This flaw allows a user with a view-profile role to access and modify data for which the user does not have adequate permission.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.keycloak:keycloak-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "12.0.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-14389"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-916"
],
"github_reviewed": true,
"github_reviewed_at": "2021-11-08T18:54:51Z",
"nvd_published_at": "2020-11-17T02:15:00Z",
"severity": "HIGH"
},
"details": "A flaw was found in Keycloak, where it would permit a user with a view-profile role to manage the resources in the new account console. This flaw allows a user with a view-profile role to access and modify data for which the user does not have adequate permission.",
"id": "GHSA-c9x9-xv66-xp3v",
"modified": "2021-11-08T18:54:51Z",
"published": "2021-11-10T15:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14389"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/cve-2020-14389"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Improper privilege management in Keycloak"
}
GHSA-CC3M-W7MM-948M
Vulnerability from github – Published: 2025-04-07 18:30 – Updated: 2025-04-07 21:32An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the postID parameter in the edit method
{
"affected": [],
"aliases": [
"CVE-2025-28400"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-07T16:15:24Z",
"severity": "MODERATE"
},
"details": "An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the postID parameter in the edit method",
"id": "GHSA-cc3m-w7mm-948m",
"modified": "2025-04-07T21:32:07Z",
"published": "2025-04-07T18:30:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-28400"
},
{
"type": "WEB",
"url": "https://github.com/20210607/cve_public/blob/main/ruoyi_case/CVE-2025-28400.md"
},
{
"type": "WEB",
"url": "https://github.com/yangzongzhuan/RuoYi"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-CC65-VJ4F-XM35
Vulnerability from github – Published: 2022-05-24 17:19 – Updated: 2022-05-24 17:19An elevation of privilege vulnerability exists when Windows Modules Installer Service improperly handles class object members.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Modules Installer Service Elevation of Privilege Vulnerability'.
{
"affected": [],
"aliases": [
"CVE-2020-1254"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-06-09T20:15:00Z",
"severity": "HIGH"
},
"details": "An elevation of privilege vulnerability exists when Windows Modules Installer Service improperly handles class object members.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka \u0027Windows Modules Installer Service Elevation of Privilege Vulnerability\u0027.",
"id": "GHSA-cc65-vj4f-xm35",
"modified": "2022-05-24T17:19:53Z",
"published": "2022-05-24T17:19:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1254"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1254"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-CC75-W727-3JQW
Vulnerability from github – Published: 2021-12-14 00:00 – Updated: 2021-12-16 00:02An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A permissions validation flaw allowed group members with a developer role to elevate their privilege to a maintainer on projects they import
{
"affected": [],
"aliases": [
"CVE-2021-39944"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-13T16:15:00Z",
"severity": "HIGH"
},
"details": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A permissions validation flaw allowed group members with a developer role to elevate their privilege to a maintainer on projects they import",
"id": "GHSA-cc75-w727-3jqw",
"modified": "2021-12-16T00:02:44Z",
"published": "2021-12-14T00:00:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39944"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/1256017"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39944.json"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/336531"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-CC94-45Q3-H8PP
Vulnerability from github – Published: 2023-11-14 21:31 – Updated: 2023-11-14 21:31Protection mechanism failure in some Intel DCM software before version 5.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
{
"affected": [],
"aliases": [
"CVE-2023-31273"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-693"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-14T19:15:24Z",
"severity": "CRITICAL"
},
"details": "Protection mechanism failure in some Intel DCM software before version 5.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.",
"id": "GHSA-cc94-45q3-h8pp",
"modified": "2023-11-14T21:31:01Z",
"published": "2023-11-14T21:31:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31273"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00902.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CCJC-3GWX-9M2Q
Vulnerability from github – Published: 2022-05-24 16:54 – Updated: 2024-04-04 01:43An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\System. An attacker would need local access to the machine for a successful exploit. The attacker must disconnect the computer from the local network / WAN and connect it to an internet facing access point / network. At that point, the attacker can execute the password-reset functionality, which will expose a web browser. Browsing to a site that calls local Windows system functions (e.g., file upload) will expose the local file system. From there an attacker can launch a privileged command shell.
{
"affected": [],
"aliases": [
"CVE-2019-12889"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-08-20T12:15:00Z",
"severity": "HIGH"
},
"details": "An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\\System. An attacker would need local access to the machine for a successful exploit. The attacker must disconnect the computer from the local network / WAN and connect it to an internet facing access point / network. At that point, the attacker can execute the password-reset functionality, which will expose a web browser. Browsing to a site that calls local Windows system functions (e.g., file upload) will expose the local file system. From there an attacker can launch a privileged command shell.",
"id": "GHSA-ccjc-3gwx-9m2q",
"modified": "2024-04-04T01:43:14Z",
"published": "2022-05-24T16:54:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12889"
},
{
"type": "WEB",
"url": "https://github.com/nulsect0r/CVE-2019-12889"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-48
Strategy: Separation of Privilege
Follow the principle of least privilege when assigning access rights to entities in a software system.
Mitigation MIT-49
Strategy: Separation of Privilege
Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
CAPEC-122: Privilege Abuse
An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-58: Restful Privilege Elevation
An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.