CWE-269
DiscouragedImproper Privilege Management
Abstraction: Class · Status: Draft
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
5450 vulnerabilities reference this CWE, most recent first.
GHSA-F2MP-8FGG-7465
Vulnerability from github – Published: 2022-03-29 00:01 – Updated: 2022-04-05 00:00Vertical Privilege Escalation in KONGA 0.14.9 allows attackers to higher privilege users to full administration access. The attack vector is a crafted condition, as demonstrated by the /api/user/{ID} at ADMIN parameter.
{
"affected": [],
"aliases": [
"CVE-2021-44103"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-28T14:15:00Z",
"severity": "HIGH"
},
"details": "Vertical Privilege Escalation in KONGA 0.14.9 allows attackers to higher privilege users to full administration access. The attack vector is a crafted condition, as demonstrated by the /api/user/{ID} at ADMIN parameter.",
"id": "GHSA-f2mp-8fgg-7465",
"modified": "2022-04-05T00:00:56Z",
"published": "2022-03-29T00:01:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44103"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/50521"
},
{
"type": "WEB",
"url": "http://n0hat.blogspot.com/2021/11/konga-0149-privilege-escalation-exploit.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F2W4-4W88-537Q
Vulnerability from github – Published: 2024-05-17 09:31 – Updated: 2024-05-17 09:31Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation.This issue affects XStore Core: from n/a through 5.3.8.
{
"affected": [],
"aliases": [
"CVE-2024-33552"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-17T09:15:41Z",
"severity": "CRITICAL"
},
"details": "Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation.This issue affects XStore Core: from n/a through 5.3.8.",
"id": "GHSA-f2w4-4w88-537q",
"modified": "2024-05-17T09:31:02Z",
"published": "2024-05-17T09:31:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33552"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/vulnerability/et-core-plugin/wordpress-xstore-core-plugin-5-3-5-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F2XV-V8VM-H6CH
Vulnerability from github – Published: 2022-05-24 17:47 – Updated: 2022-07-13 00:01Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15. The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent.
{
"affected": [],
"aliases": [
"CVE-2021-22505"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-13T14:15:00Z",
"severity": "CRITICAL"
},
"details": "Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15. The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent.",
"id": "GHSA-f2xv-v8vm-h6ch",
"modified": "2022-07-13T00:01:10Z",
"published": "2022-05-24T17:47:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22505"
},
{
"type": "WEB",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03792442"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F357-RVV6-2423
Vulnerability from github – Published: 2022-05-24 19:06 – Updated: 2022-07-13 00:01Accellion Kiteworks before 7.3.1 allows a user with Admin privileges to escalate their privileges by generating SSH passwords that allow local access.
{
"affected": [],
"aliases": [
"CVE-2021-31585"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-23T12:15:00Z",
"severity": "MODERATE"
},
"details": "Accellion Kiteworks before 7.3.1 allows a user with Admin privileges to escalate their privileges by generating SSH passwords that allow local access.",
"id": "GHSA-f357-rvv6-2423",
"modified": "2022-07-13T00:01:24Z",
"published": "2022-05-24T19:06:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31585"
},
{
"type": "WEB",
"url": "https://github.com/accellion/CVEs"
},
{
"type": "WEB",
"url": "https://github.com/accellion/CVEs/blob/main/CVE-2021-31585.txt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F367-GFRG-QV3C
Vulnerability from github – Published: 2025-05-02 06:31 – Updated: 2025-05-06 18:30The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to limited privilege escalation in all versions up to, and including, 4.17.4. This is due to a lack of restriction of role when registering. This makes it possible for unauthenticated attackers to to register with the 'wcfm_vendor' role, which is a Store Vendor role in the WCFM Marketplace – Multivendor Marketplace for WooCommerce plugin for WordPress. The vulnerability can only be exploited if the WCFM Marketplace – Multivendor Marketplace for WooCommerce plugin is installed and activated. The vulnerability was partially patched in version 4.17.3.
{
"affected": [],
"aliases": [
"CVE-2025-3438"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-02T06:15:48Z",
"severity": "MODERATE"
},
"details": "The MStore API \u2013 Create Native Android \u0026 iOS Apps On The Cloud plugin for WordPress is vulnerable to limited privilege escalation in all versions up to, and including, 4.17.4. This is due to a lack of restriction of role when registering. This makes it possible for unauthenticated attackers to to register with the \u0027wcfm_vendor\u0027 role, which is a Store Vendor role in the WCFM Marketplace \u2013 Multivendor Marketplace for WooCommerce plugin for WordPress. The vulnerability can only be exploited if the WCFM Marketplace \u2013 Multivendor Marketplace for WooCommerce plugin is installed and activated. The vulnerability was partially patched in version 4.17.3.",
"id": "GHSA-f367-gfrg-qv3c",
"modified": "2025-05-06T18:30:37Z",
"published": "2025-05-02T06:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3438"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/mstore-api/trunk/controllers/flutter-user.php#L392"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/mstore-api/trunk/controllers/flutter-user.php#L413"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/3277790"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/3279132"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be5d86ad-f94b-4fcb-9b74-ecddde2bf29d?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-F378-QX8V-C7CF
Vulnerability from github – Published: 2024-10-10 03:30 – Updated: 2024-10-10 03:30In version v0.3.8 of open-webui, an improper privilege management vulnerability exists in the API endpoints GET /api/v1/documents/ and POST /rag/api/v1/doc. This vulnerability allows a lower-privileged user to access and overwrite files managed by a higher-privileged admin. By exploiting this vulnerability, an attacker can view metadata of files uploaded by an admin and overwrite these files, compromising the integrity and availability of the RAG models.
{
"affected": [],
"aliases": [
"CVE-2024-7048"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-10T02:15:03Z",
"severity": "MODERATE"
},
"details": "In version v0.3.8 of open-webui, an improper privilege management vulnerability exists in the API endpoints GET /api/v1/documents/ and POST /rag/api/v1/doc. This vulnerability allows a lower-privileged user to access and overwrite files managed by a higher-privileged admin. By exploiting this vulnerability, an attacker can view metadata of files uploaded by an admin and overwrite these files, compromising the integrity and availability of the RAG models.",
"id": "GHSA-f378-qx8v-c7cf",
"modified": "2024-10-10T03:30:45Z",
"published": "2024-10-10T03:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7048"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/acd0b2dd-61eb-4712-82d3-a4e35d6ee560"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-F383-XPWW-4F48
Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2022-06-29 00:00NVIDIA GPU Display Driver for Windows contains a vulnerability in the NVIDIA Control Panel application where it is susceptible to a Windows file system symbolic link attack where an unprivileged attacker can cause the applications to overwrite privileged files, resulting in potential denial of service or data loss.
{
"affected": [],
"aliases": [
"CVE-2021-1092"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-22T05:15:00Z",
"severity": "HIGH"
},
"details": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the NVIDIA Control Panel application where it is susceptible to a Windows file system symbolic link attack where an unprivileged attacker can cause the applications to overwrite privileged files, resulting in potential denial of service or data loss.",
"id": "GHSA-f383-xpww-4f48",
"modified": "2022-06-29T00:00:39Z",
"published": "2022-05-24T19:09:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1092"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5211"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F387-26C4-6JHR
Vulnerability from github – Published: 2022-05-24 17:28 – Updated: 2024-01-01 00:30An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory, aka 'Windows Start-Up Application Elevation of Privilege Vulnerability'.
{
"affected": [],
"aliases": [
"CVE-2020-1506"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-09-11T17:15:00Z",
"severity": "HIGH"
},
"details": "An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory, aka \u0027Windows Start-Up Application Elevation of Privilege Vulnerability\u0027.",
"id": "GHSA-f387-26c4-6jhr",
"modified": "2024-01-01T00:30:42Z",
"published": "2022-05-24T17:28:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1506"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1506"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-F39P-623W-5V5J
Vulnerability from github – Published: 2025-04-02 18:30 – Updated: 2025-04-02 18:30An HTML injection vulnerability previously discovered in Trend Vision One could have allowed a malicious user to execute arbitrary code.
Please note: this issue has already been addressed on the backend service and is no longer considered an active vulnerability.
{
"affected": [],
"aliases": [
"CVE-2025-31286"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-79"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-02T17:15:49Z",
"severity": "LOW"
},
"details": "An HTML injection vulnerability previously discovered in Trend Vision One could have allowed a malicious user to execute arbitrary code.\n\nPlease note: this issue has already been addressed on the backend service and is no longer considered an active vulnerability.",
"id": "GHSA-f39p-623w-5v5j",
"modified": "2025-04-02T18:30:54Z",
"published": "2025-04-02T18:30:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31286"
},
{
"type": "WEB",
"url": "https://success.trendmicro.com/en-US/solution/KA-0019386"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-F3F9-274W-R3M6
Vulnerability from github – Published: 2023-05-09 18:30 – Updated: 2024-04-04 03:55Insecure Permissons vulnerability found in Shop_CMS YerShop all versions allows a remote attacker to escalate privileges via the cover_id parameter.
{
"affected": [],
"aliases": [
"CVE-2020-23362"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-09T16:15:13Z",
"severity": "HIGH"
},
"details": "Insecure Permissons vulnerability found in Shop_CMS YerShop all versions allows a remote attacker to escalate privileges via the cover_id parameter.",
"id": "GHSA-f3f9-274w-r3m6",
"modified": "2024-04-04T03:55:40Z",
"published": "2023-05-09T18:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23362"
},
{
"type": "WEB",
"url": "https://github.com/huyiwill/shopcms_lang/issues/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-48
Strategy: Separation of Privilege
Follow the principle of least privilege when assigning access rights to entities in a software system.
Mitigation MIT-49
Strategy: Separation of Privilege
Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
CAPEC-122: Privilege Abuse
An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-58: Restful Privilege Elevation
An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.