CWE-269
DiscouragedImproper Privilege Management
Abstraction: Class · Status: Draft
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
5450 vulnerabilities reference this CWE, most recent first.
GHSA-CQ9R-XGXQ-8RGC
Vulnerability from github – Published: 2022-05-24 17:27 – Updated: 2024-01-01 00:30An elevation of privilege vulnerability exists when Windows Modules Installer improperly handles objects in memory, aka 'Windows Modules Installer Elevation of Privilege Vulnerability'.
{
"affected": [],
"aliases": [
"CVE-2020-0911"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-09-11T17:15:00Z",
"severity": "HIGH"
},
"details": "An elevation of privilege vulnerability exists when Windows Modules Installer improperly handles objects in memory, aka \u0027Windows Modules Installer Elevation of Privilege Vulnerability\u0027.",
"id": "GHSA-cq9r-xgxq-8rgc",
"modified": "2024-01-01T00:30:39Z",
"published": "2022-05-24T17:27:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0911"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0911"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CQJ5-C26P-JCV4
Vulnerability from github – Published: 2023-08-04 00:30 – Updated: 2024-01-25 18:30A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local attacker to elevate privileges to root on an affected system.
This vulnerability is due to incorrect implementation of user role permissions. An attacker could exploit this vulnerability by authenticating to the application as a user with the BWORKS or BWSUPERADMIN role and issuing crafted commands on an affected system. A successful exploit could allow the attacker to execute commands beyond the sphere of their intended access level, including initiating installs or running operating system commands with elevated permissions.
There are workarounds that address this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2023-20216"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-732"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-03T22:15:11Z",
"severity": "HIGH"
},
"details": "A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local attacker to elevate privileges to root on an affected system. \n\n This vulnerability is due to incorrect implementation of user role permissions. An attacker could exploit this vulnerability by authenticating to the application as a user with the BWORKS or BWSUPERADMIN role and issuing crafted commands on an affected system. A successful exploit could allow the attacker to execute commands beyond the sphere of their intended access level, including initiating installs or running operating system commands with elevated permissions.\n\n There are workarounds that address this vulnerability.",
"id": "GHSA-cqj5-c26p-jcv4",
"modified": "2024-01-25T18:30:37Z",
"published": "2023-08-04T00:30:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20216"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-priv-esc-qTgUZOsQ"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CQM4-W39P-G223
Vulnerability from github – Published: 2022-05-17 19:57 – Updated: 2024-04-04 00:00Juniper Junos OS 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before 13.3R3 allow local users to bypass intended restrictions and execute arbitrary Python code via vectors involving shell access.
{
"affected": [],
"aliases": [
"CVE-2014-6448"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-01-15T18:15:00Z",
"severity": "HIGH"
},
"details": "Juniper Junos OS 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before 13.3R3 allow local users to bypass intended restrictions and execute arbitrary Python code via vectors involving shell access.",
"id": "GHSA-cqm4-w39p-g223",
"modified": "2024-04-04T00:00:25Z",
"published": "2022-05-17T19:57:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6448"
},
{
"type": "WEB",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10695"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CQV6-CX7Q-C7W5
Vulnerability from github – Published: 2022-05-24 17:45 – Updated: 2022-07-13 00:01The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), Rendezvous Secure C API, Rendezvous Java API, and Rendezvous .Net API components of TIBCO Software Inc.'s TIBCO Rendezvous and TIBCO Rendezvous Developer Edition contain a vulnerability that theoretically allows a low privileged attacker with local access on the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from the affected component searching for run-time artifacts outside of the installation hierarchy. Affected releases are TIBCO Software Inc.'s TIBCO Rendezvous: versions 8.5.1 and below and TIBCO Rendezvous Developer Edition: versions 8.5.1 and below.
{
"affected": [],
"aliases": [
"CVE-2021-28818"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-03-23T21:15:00Z",
"severity": "HIGH"
},
"details": "The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), Rendezvous Secure C API, Rendezvous Java API, and Rendezvous .Net API components of TIBCO Software Inc.\u0027s TIBCO Rendezvous and TIBCO Rendezvous Developer Edition contain a vulnerability that theoretically allows a low privileged attacker with local access on the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from the affected component searching for run-time artifacts outside of the installation hierarchy. Affected releases are TIBCO Software Inc.\u0027s TIBCO Rendezvous: versions 8.5.1 and below and TIBCO Rendezvous Developer Edition: versions 8.5.1 and below.",
"id": "GHSA-cqv6-cx7q-c7w5",
"modified": "2022-07-13T00:01:15Z",
"published": "2022-05-24T17:45:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28818"
},
{
"type": "WEB",
"url": "http://www.tibco.com/services/support/advisories"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CQXR-XF2W-943W
Vulnerability from github – Published: 2021-05-11 00:05 – Updated: 2022-10-25 20:33Impact
This vulnerability impacts generated code. If this code was generated as a one-off occasion, not as a part of an automated CI/CD process, this code will remain vulnerable until fixed manually!
On Unix-Like systems, the system temporary directory is shared between all local users. When files/directories are created, the default umask settings for the process are respected. As a result, by default, most processes/apis will create files/directories with the permissions -rw-r--r-- and drwxr-xr-x respectively, unless an API that explicitly sets safe file permissions is used.
This vulnerability exists due to the use of the JDK method File.createTempFile. This method creates an insecure temporary files that can leave application and system data vulnerable to exposure.
Auto-generated code (Java, Scala) that deals with uploading or downloading binary data through API endpoints will create insecure temporary files during the process. For example, if the API endpoint returns a PDF file, the auto-generated clients will first download the PDF into a insecure temporary file that can be read by anyone on the system.
Affected generators:
- Java
- okhttp-gson (default library)
https://github.com/OpenAPITools/openapi-generator/blob/d85f61ff0cfd6b8cd7063a63f302998a51466269/modules/openapi-generator/src/main/resources/Java/libraries/okhttp-gson/ApiClient.mustache#L1085-L1088
- jersey2
https://github.com/OpenAPITools/openapi-generator/blob/d85f61ff0cfd6b8cd7063a63f302998a51466269/modules/openapi-generator/src/main/resources/Java/libraries/jersey2/ApiClient.mustache#L1035-L1038
- resteasy
https://github.com/OpenAPITools/openapi-generator/blob/d85f61ff0cfd6b8cd7063a63f302998a51466269/modules/openapi-generator/src/main/resources/Java/libraries/resteasy/ApiClient.mustache#L604-L607
- retrofit2
https://github.com/OpenAPITools/openapi-generator/blob/d85f61ff0cfd6b8cd7063a63f302998a51466269/modules/openapi-generator/src/main/resources/Java/libraries/retrofit2/play26/ApiClient.mustache#L202-L208
- Scala
- scala-finch
https://github.com/OpenAPITools/openapi-generator/blob/764a3b044c19fadf4a0789473cde96a65b77868a/modules/openapi-generator/src/main/resources/scala-finch/api.mustache#L83-L88
- scala-akka
https://github.com/OpenAPITools/openapi-generator/blob/150e24dc553a8ea5230ffb938ed3e6020e972faa/modules/openapi-generator/src/main/resources/scala-akka-http-server/multipartDirectives.mustache#L71-L73
Patches
The issue has been patched by changing the generated code to use the JDK method Files.createTempFile and released in the v5.1.0 stable version.
This vulnerability has the same root cause as CVE-2021-21364 from the swagger-api/swagger-codegen project as this project and that one both share the same original source tree.
https://github.com/swagger-api/swagger-codegen/security/advisories/GHSA-hpv8-9rq5-hq7w
For more information
If you have any questions or comments about this advisory: * Open an issue in OpenAPI Generator Github repo * Email us at security@openapitools.org
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.openapitools:openapi-generator"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.1.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-21430"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-377",
"CWE-378",
"CWE-379",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-10T19:25:35Z",
"nvd_published_at": "2021-05-10T20:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\n\n**This vulnerability impacts generated code.** If this code was generated as a one-off occasion, not as a part of an automated CI/CD process, this code will remain vulnerable until fixed manually!\n\nOn Unix-Like systems, the system temporary directory is shared between all local users. When files/directories are created, the default `umask` settings for the process are respected. As a result, by default, most processes/apis will create files/directories with the permissions `-rw-r--r--` and `drwxr-xr-x` respectively, unless an API that explicitly sets safe file permissions is used.\n\nThis vulnerability exists due to the use of the JDK method `File.createTempFile`. This method creates an insecure temporary files that can leave application and system data vulnerable to exposure.\n\nAuto-generated code (Java, Scala) that deals with uploading or downloading binary data through API endpoints will create insecure temporary files during the process. For example, if the API endpoint returns a PDF file, the auto-generated clients will first download the PDF into a insecure temporary file that can be read by anyone on the system.\n\nAffected generators: \n - Java\n - `okhttp-gson` (default library)\n https://github.com/OpenAPITools/openapi-generator/blob/d85f61ff0cfd6b8cd7063a63f302998a51466269/modules/openapi-generator/src/main/resources/Java/libraries/okhttp-gson/ApiClient.mustache#L1085-L1088\n - `jersey2`\n https://github.com/OpenAPITools/openapi-generator/blob/d85f61ff0cfd6b8cd7063a63f302998a51466269/modules/openapi-generator/src/main/resources/Java/libraries/jersey2/ApiClient.mustache#L1035-L1038\n - `resteasy`\n https://github.com/OpenAPITools/openapi-generator/blob/d85f61ff0cfd6b8cd7063a63f302998a51466269/modules/openapi-generator/src/main/resources/Java/libraries/resteasy/ApiClient.mustache#L604-L607\n - `retrofit2`\n https://github.com/OpenAPITools/openapi-generator/blob/d85f61ff0cfd6b8cd7063a63f302998a51466269/modules/openapi-generator/src/main/resources/Java/libraries/retrofit2/play26/ApiClient.mustache#L202-L208\n - Scala\n - `scala-finch`\n https://github.com/OpenAPITools/openapi-generator/blob/764a3b044c19fadf4a0789473cde96a65b77868a/modules/openapi-generator/src/main/resources/scala-finch/api.mustache#L83-L88\n - `scala-akka`\n https://github.com/OpenAPITools/openapi-generator/blob/150e24dc553a8ea5230ffb938ed3e6020e972faa/modules/openapi-generator/src/main/resources/scala-akka-http-server/multipartDirectives.mustache#L71-L73\n\n### Patches\n\nThe issue has been patched by changing the generated code to use the JDK method `Files.createTempFile` and released in the v5.1.0 stable version.\n\nThis vulnerability has the same root cause as CVE-2021-21364 from the `swagger-api/swagger-codegen` project as this project and that one both share the same original source tree.\nhttps://github.com/swagger-api/swagger-codegen/security/advisories/GHSA-hpv8-9rq5-hq7w\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [OpenAPI Generator Github repo](https://github.com/openAPITools/openapi-generator/)\n* Email us at [security@openapitools.org](mailto:security@openapitools.org)",
"id": "GHSA-cqxr-xf2w-943w",
"modified": "2022-10-25T20:33:52Z",
"published": "2021-05-11T00:05:06Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21430"
},
{
"type": "WEB",
"url": "https://github.com/OpenAPITools/openapi-generator/pull/8787"
},
{
"type": "WEB",
"url": "https://github.com/OpenAPITools/openapi-generator/pull/8791"
},
{
"type": "WEB",
"url": "https://github.com/OpenAPITools/openapi-generator/pull/9348"
},
{
"type": "PACKAGE",
"url": "https://github.com/OpenAPITools/openapi-generator"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Creation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala code"
}
GHSA-CR4W-2PPQ-M3WQ
Vulnerability from github – Published: 2026-06-20 03:32 – Updated: 2026-06-20 03:32Capgo before 12.128.2 contains a scope escalation vulnerability in the POST /functions/v1/apikey endpoint that allows app-limited API keys to mint unrestricted keys by setting empty limits. Attackers with a compromised app-limited key can create an unrestricted key with org-wide access to resources like app listings and other protected endpoints.
{
"affected": [],
"aliases": [
"CVE-2026-56216"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-20T01:16:16Z",
"severity": "HIGH"
},
"details": "Capgo before 12.128.2 contains a scope escalation vulnerability in the POST /functions/v1/apikey endpoint that allows app-limited API keys to mint unrestricted keys by setting empty limits. Attackers with a compromised app-limited key can create an unrestricted key with org-wide access to resources like app listings and other protected endpoints.",
"id": "GHSA-cr4w-2ppq-m3wq",
"modified": "2026-06-20T03:32:30Z",
"published": "2026-06-20T03:32:30Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/Cap-go/capgo/security/advisories/GHSA-2ff8-7h96-hwfp"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-56216"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/capgo-scope-escalation-via-api-key-creation-in-functions-v1-apikey"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-CR79-9PWF-R6F5
Vulnerability from github – Published: 2019-02-18 23:34 – Updated: 2021-09-16 20:42Affected versions of prince insecurely download an executable over an unencrypted HTTP connection.
In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running prince.
Recommendation
Update to version 1.4.6 or later.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.4.6"
},
"package": {
"ecosystem": "npm",
"name": "prince"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2016-10591"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-311"
],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T21:32:46Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "Affected versions of `prince` insecurely download an executable over an unencrypted HTTP connection. \n\nIn scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `prince`.\n\n\n## Recommendation\n\nUpdate to version 1.4.6 or later.",
"id": "GHSA-cr79-9pwf-r6f5",
"modified": "2021-09-16T20:42:47Z",
"published": "2019-02-18T23:34:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10591"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-cr79-9pwf-r6f5"
},
{
"type": "PACKAGE",
"url": "https://github.com/rse/node-prince"
},
{
"type": "WEB",
"url": "https://www.npmjs.com/advisories/185"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Downloads Resources over HTTP in prince"
}
GHSA-CR7H-X4FR-XQW7
Vulnerability from github – Published: 2022-05-24 17:10 – Updated: 2022-05-24 17:10An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866, CVE-2020-0897.
{
"affected": [],
"aliases": [
"CVE-2020-0777"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-03-12T16:15:00Z",
"severity": "MODERATE"
},
"details": "An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka \u0027Windows Work Folder Service Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866, CVE-2020-0897.",
"id": "GHSA-cr7h-x4fr-xqw7",
"modified": "2022-05-24T17:10:55Z",
"published": "2022-05-24T17:10:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0777"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0777"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-CRG4-9CVH-C76F
Vulnerability from github – Published: 2022-05-24 17:16 – Updated: 2022-05-24 17:16AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process. This could enable low-privileged users to achieve NT AUTHORITY\SYSTEM privileges via a DeviceIoControl call associated with MmMapIoSpace, IoAllocateMdl, MmBuildMdlForNonPagedPool, or MmMapLockedPages.
{
"affected": [],
"aliases": [
"CVE-2020-12138"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-04-27T15:15:00Z",
"severity": "HIGH"
},
"details": "AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process. This could enable low-privileged users to achieve NT AUTHORITY\\SYSTEM privileges via a DeviceIoControl call associated with MmMapIoSpace, IoAllocateMdl, MmBuildMdlForNonPagedPool, or MmMapLockedPages.",
"id": "GHSA-crg4-9cvh-c76f",
"modified": "2022-05-24T17:16:35Z",
"published": "2022-05-24T17:16:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12138"
},
{
"type": "WEB",
"url": "https://eclypsium.com/2019/11/12/mother-of-all-drivers"
},
{
"type": "WEB",
"url": "https://h0mbre.github.io/atillk64_exploit"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-CRM9-GF54-3RF6
Vulnerability from github – Published: 2022-04-12 00:00 – Updated: 2022-04-19 00:01The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity.
{
"affected": [],
"aliases": [
"CVE-2022-22257"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-11T20:15:00Z",
"severity": "HIGH"
},
"details": "The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity.",
"id": "GHSA-crm9-gf54-3rf6",
"modified": "2022-04-19T00:01:20Z",
"published": "2022-04-12T00:00:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22257"
},
{
"type": "WEB",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4"
},
{
"type": "WEB",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-48
Strategy: Separation of Privilege
Follow the principle of least privilege when assigning access rights to entities in a software system.
Mitigation MIT-49
Strategy: Separation of Privilege
Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
CAPEC-122: Privilege Abuse
An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-58: Restful Privilege Elevation
An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.