Common Weakness Enumeration

CWE-269

Discouraged

Improper Privilege Management

Abstraction: Class · Status: Draft

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

5433 vulnerabilities reference this CWE, most recent first.

GHSA-G467-J8JP-RQ97

Vulnerability from github – Published: 2023-08-24 03:30 – Updated: 2025-11-04 18:30
VLAI
Details

A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API process.binding() can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding('spawn_sync') run arbitrary code, outside of the limits defined in a policy.json file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-32559"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-24T02:15:09Z",
    "severity": "HIGH"
  },
  "details": "A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding(\u0027spawn_sync\u0027)` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.",
  "id": "GHSA-g467-j8jp-rq97",
  "modified": "2025-11-04T18:30:43Z",
  "published": "2023-08-24T03:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32559"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/1946470"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00029.html"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20231006-0006"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G46V-9MX2-CGXF

Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2026-06-10 18:31
VLAI
Details

A vulnerability in the Windows installer XML (WiX) toolset of TechSmith Snagit 19.1.1.2860 allows attackers to escalate privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-18169"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-26T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the Windows installer XML (WiX) toolset of TechSmith Snagit 19.1.1.2860 allows attackers to escalate privileges.",
  "id": "GHSA-g46v-9mx2-cgxf",
  "modified": "2026-06-10T18:31:37Z",
  "published": "2022-05-24T19:09:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-18169"
    },
    {
      "type": "WEB",
      "url": "https://docs.google.com/document/d/1W33rsdISmexLOGS4VmLUIITRU_KqGULcij1Z6QyxsjU/edit?usp=sharing"
    },
    {
      "type": "WEB",
      "url": "https://github.com/GitHubAssessments/CVE_Assessment_04_2019/blob/master/Snagit_Report.pdf"
    },
    {
      "type": "WEB",
      "url": "https://github.com/TechSmith/TSC-Security-Public/blob/main/advisories/2020/CVE-2020-18169-dispute.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G479-C966-M99H

Vulnerability from github – Published: 2022-05-24 17:02 – Updated: 2024-04-04 02:41
VLAI
Details

An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-7319"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-11-26T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser privileges.",
  "id": "GHSA-g479-c966-m99h",
  "modified": "2024-04-04T02:41:02Z",
  "published": "2022-05-24T17:02:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7319"
    },
    {
      "type": "WEB",
      "url": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#concept_o2p_hjm_33b"
    },
    {
      "type": "WEB",
      "url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#hue"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G49F-3J9M-VHQ2

Vulnerability from github – Published: 2022-02-15 00:02 – Updated: 2022-02-24 00:01
VLAI
Details

In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-25150"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-14T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges.",
  "id": "GHSA-g49f-3j9m-vhq2",
  "modified": "2022-02-24T00:01:13Z",
  "published": "2022-02-15T00:02:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25150"
    },
    {
      "type": "WEB",
      "url": "https://binisoft.org/changelog.txt"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/bugs?report_id=1205932"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-G4H6-QP44-WQVX

Vulnerability from github – Published: 2022-09-20 21:19 – Updated: 2022-09-20 21:19
VLAI
Summary
XWiki.WebHome vulnerable to Improper Privilege Management in XWiki resolving groups
Details

Impact

It's possible to exploit a bug in XWikiRights resolution of groups to obtain privilege escalation.

More specifically, editing a right with the object editor leads to adding a supplementary empty value to groups which is then resolved as a reference to XWiki.WebHome page. Adding an XWikiGroup xobject to that page then transforms it to a group, any user put in that group would then obtain the privileges related to the edited right.

Note that this security issue is normally mitigated by the fact that XWiki.WebHome (and XWiki space in general) should be protected by default for edit rights.

Patches

The problem has been patched in XWiki 13.10.4 and 14.2RC1 to not consider anymore empty values in XWikiRights.

Workarounds

It's possible to workaround the problem by setting appropriate rights on XWiki.WebHome page to prevent users to edit it.

References

  • https://jira.xwiki.org/browse/XWIKI-18386
  • https://jira.xwiki.org/browse/XWIKI-15776

For more information

If you have any questions or comments about this advisory: * Open an issue in Jira XWiki.org * Email us at Security Mailing List

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.xwiki.platform:xwiki-platform-oldcore"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.3.7"
            },
            {
              "fixed": "13.10.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.xwiki.platform:xwiki-platform-oldcore"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "14.0-rc-1"
            },
            {
              "fixed": "14.2-rc-1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-31166"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-09-20T21:19:52Z",
    "nvd_published_at": "2022-09-07T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nIt\u0027s possible to exploit a bug in XWikiRights resolution of groups to obtain privilege escalation. \n\nMore specifically, editing a right with the object editor leads to adding a supplementary empty value to groups which is then resolved as a reference to XWiki.WebHome page. Adding an XWikiGroup xobject to that page then transforms it to a group, any user put in that group would then obtain the privileges related to the edited right.\n\nNote that this security issue is normally mitigated by the fact that XWiki.WebHome (and XWiki space in general) should be protected by default for edit rights. \n\n### Patches\n\nThe problem has been patched in XWiki 13.10.4 and 14.2RC1 to not consider anymore empty values in XWikiRights. \n\n### Workarounds\n\nIt\u0027s possible to workaround the problem by setting appropriate rights on XWiki.WebHome page to prevent users to edit it. \n\n### References\n\n* https://jira.xwiki.org/browse/XWIKI-18386\n* https://jira.xwiki.org/browse/XWIKI-15776\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [Jira XWiki.org](https://jira.xwiki.org)\n* Email us at [Security Mailing List](mailto:security@xwiki.org)\n",
  "id": "GHSA-g4h6-qp44-wqvx",
  "modified": "2022-09-20T21:19:52Z",
  "published": "2022-09-20T21:19:52Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g4h6-qp44-wqvx"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31166"
    },
    {
      "type": "WEB",
      "url": "https://github.com/xwiki/xwiki-platform/pull/1800"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/xwiki/xwiki-platform"
    },
    {
      "type": "WEB",
      "url": "https://jira.xwiki.org/browse/XWIKI-15776"
    },
    {
      "type": "WEB",
      "url": "https://jira.xwiki.org/browse/XWIKI-18386"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "XWiki.WebHome vulnerable to Improper Privilege Management in XWiki resolving groups"
}

GHSA-G4Q9-4C3V-QW9G

Vulnerability from github – Published: 2022-05-24 17:11 – Updated: 2023-02-02 21:33
VLAI
Details

An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/ansible-operator-container as shipped in Openshift 4.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-19355"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266",
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-03-18T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/ansible-operator-container as shipped in Openshift 4.",
  "id": "GHSA-g4q9-4c3v-qw9g",
  "modified": "2023-02-02T21:33:43Z",
  "published": "2022-05-24T17:11:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19355"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/articles/4859371"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0683"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:1280"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:1545"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2019-19355"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793277"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19355"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G4VC-H383-5QV8

Vulnerability from github – Published: 2022-05-24 17:19 – Updated: 2022-05-24 17:19
VLAI
Details

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0915.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-0916"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-06-09T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka \u0027Windows GDI Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2020-0915.",
  "id": "GHSA-g4vc-h383-5qv8",
  "modified": "2022-05-24T17:19:47Z",
  "published": "2022-05-24T17:19:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0916"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0916"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-G4VR-FPGW-9FFF

Vulnerability from github – Published: 2022-03-10 00:00 – Updated: 2022-03-17 00:02
VLAI
Details

Windows Inking COM Elevation of Privilege Vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-23290"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-09T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "Windows Inking COM Elevation of Privilege Vulnerability.",
  "id": "GHSA-g4vr-fpgw-9fff",
  "modified": "2022-03-17T00:02:30Z",
  "published": "2022-03-10T00:00:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23290"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23290"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23290"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G57R-4MV6-3958

Vulnerability from github – Published: 2021-12-16 00:01 – Updated: 2022-04-02 00:00
VLAI
Details

Windows Remote Access Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-43238"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-15T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "Windows Remote Access Elevation of Privilege Vulnerability",
  "id": "GHSA-g57r-4mv6-3958",
  "modified": "2022-04-02T00:00:53Z",
  "published": "2021-12-16T00:01:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43238"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43238"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-019"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G58P-HGRM-327X

Vulnerability from github – Published: 2023-02-16 18:30 – Updated: 2023-02-24 21:30
VLAI
Details

A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-24483"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-16T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA.",
  "id": "GHSA-g58p-hgrm-327x",
  "modified": "2023-02-24T21:30:19Z",
  "published": "2023-02-16T18:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24483"
    },
    {
      "type": "WEB",
      "url": "https://support.citrix.com/article/CTX477616/citrix-virtual-apps-and-desktops-security-bulletin-for-cve202324483"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-48
Architecture and Design

Strategy: Separation of Privilege

Follow the principle of least privilege when assigning access rights to entities in a software system.

Mitigation MIT-49
Architecture and Design

Strategy: Separation of Privilege

Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.

CAPEC-122: Privilege Abuse

An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.

CAPEC-233: Privilege Escalation

An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.

CAPEC-58: Restful Privilege Elevation

An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.