CWE-269
DiscouragedImproper Privilege Management
Abstraction: Class · Status: Draft
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
5433 vulnerabilities reference this CWE, most recent first.
GHSA-G467-J8JP-RQ97
Vulnerability from github – Published: 2023-08-24 03:30 – Updated: 2025-11-04 18:30A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API process.binding() can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding('spawn_sync') run arbitrary code, outside of the limits defined in a policy.json file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.
{
"affected": [],
"aliases": [
"CVE-2023-32559"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-24T02:15:09Z",
"severity": "HIGH"
},
"details": "A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding(\u0027spawn_sync\u0027)` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.",
"id": "GHSA-g467-j8jp-rq97",
"modified": "2025-11-04T18:30:43Z",
"published": "2023-08-24T03:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32559"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/1946470"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00029.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20231006-0006"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G46V-9MX2-CGXF
Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2026-06-10 18:31A vulnerability in the Windows installer XML (WiX) toolset of TechSmith Snagit 19.1.1.2860 allows attackers to escalate privileges.
{
"affected": [],
"aliases": [
"CVE-2020-18169"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-26T20:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the Windows installer XML (WiX) toolset of TechSmith Snagit 19.1.1.2860 allows attackers to escalate privileges.",
"id": "GHSA-g46v-9mx2-cgxf",
"modified": "2026-06-10T18:31:37Z",
"published": "2022-05-24T19:09:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-18169"
},
{
"type": "WEB",
"url": "https://docs.google.com/document/d/1W33rsdISmexLOGS4VmLUIITRU_KqGULcij1Z6QyxsjU/edit?usp=sharing"
},
{
"type": "WEB",
"url": "https://github.com/GitHubAssessments/CVE_Assessment_04_2019/blob/master/Snagit_Report.pdf"
},
{
"type": "WEB",
"url": "https://github.com/TechSmith/TSC-Security-Public/blob/main/advisories/2020/CVE-2020-18169-dispute.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G479-C966-M99H
Vulnerability from github – Published: 2022-05-24 17:02 – Updated: 2024-04-04 02:41An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser privileges.
{
"affected": [],
"aliases": [
"CVE-2019-7319"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-11-26T16:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser privileges.",
"id": "GHSA-g479-c966-m99h",
"modified": "2024-04-04T02:41:02Z",
"published": "2022-05-24T17:02:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7319"
},
{
"type": "WEB",
"url": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#concept_o2p_hjm_33b"
},
{
"type": "WEB",
"url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#hue"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G49F-3J9M-VHQ2
Vulnerability from github – Published: 2022-02-15 00:02 – Updated: 2022-02-24 00:01In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges.
{
"affected": [],
"aliases": [
"CVE-2022-25150"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-02-14T19:15:00Z",
"severity": "HIGH"
},
"details": "In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges.",
"id": "GHSA-g49f-3j9m-vhq2",
"modified": "2022-02-24T00:01:13Z",
"published": "2022-02-15T00:02:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25150"
},
{
"type": "WEB",
"url": "https://binisoft.org/changelog.txt"
},
{
"type": "WEB",
"url": "https://hackerone.com/bugs?report_id=1205932"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-G4H6-QP44-WQVX
Vulnerability from github – Published: 2022-09-20 21:19 – Updated: 2022-09-20 21:19Impact
It's possible to exploit a bug in XWikiRights resolution of groups to obtain privilege escalation.
More specifically, editing a right with the object editor leads to adding a supplementary empty value to groups which is then resolved as a reference to XWiki.WebHome page. Adding an XWikiGroup xobject to that page then transforms it to a group, any user put in that group would then obtain the privileges related to the edited right.
Note that this security issue is normally mitigated by the fact that XWiki.WebHome (and XWiki space in general) should be protected by default for edit rights.
Patches
The problem has been patched in XWiki 13.10.4 and 14.2RC1 to not consider anymore empty values in XWikiRights.
Workarounds
It's possible to workaround the problem by setting appropriate rights on XWiki.WebHome page to prevent users to edit it.
References
- https://jira.xwiki.org/browse/XWIKI-18386
- https://jira.xwiki.org/browse/XWIKI-15776
For more information
If you have any questions or comments about this advisory: * Open an issue in Jira XWiki.org * Email us at Security Mailing List
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-oldcore"
},
"ranges": [
{
"events": [
{
"introduced": "11.3.7"
},
{
"fixed": "13.10.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-oldcore"
},
"ranges": [
{
"events": [
{
"introduced": "14.0-rc-1"
},
{
"fixed": "14.2-rc-1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-31166"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": true,
"github_reviewed_at": "2022-09-20T21:19:52Z",
"nvd_published_at": "2022-09-07T14:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\n\nIt\u0027s possible to exploit a bug in XWikiRights resolution of groups to obtain privilege escalation. \n\nMore specifically, editing a right with the object editor leads to adding a supplementary empty value to groups which is then resolved as a reference to XWiki.WebHome page. Adding an XWikiGroup xobject to that page then transforms it to a group, any user put in that group would then obtain the privileges related to the edited right.\n\nNote that this security issue is normally mitigated by the fact that XWiki.WebHome (and XWiki space in general) should be protected by default for edit rights. \n\n### Patches\n\nThe problem has been patched in XWiki 13.10.4 and 14.2RC1 to not consider anymore empty values in XWikiRights. \n\n### Workarounds\n\nIt\u0027s possible to workaround the problem by setting appropriate rights on XWiki.WebHome page to prevent users to edit it. \n\n### References\n\n* https://jira.xwiki.org/browse/XWIKI-18386\n* https://jira.xwiki.org/browse/XWIKI-15776\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [Jira XWiki.org](https://jira.xwiki.org)\n* Email us at [Security Mailing List](mailto:security@xwiki.org)\n",
"id": "GHSA-g4h6-qp44-wqvx",
"modified": "2022-09-20T21:19:52Z",
"published": "2022-09-20T21:19:52Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g4h6-qp44-wqvx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31166"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/pull/1800"
},
{
"type": "PACKAGE",
"url": "https://github.com/xwiki/xwiki-platform"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-15776"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-18386"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "XWiki.WebHome vulnerable to Improper Privilege Management in XWiki resolving groups"
}
GHSA-G4Q9-4C3V-QW9G
Vulnerability from github – Published: 2022-05-24 17:11 – Updated: 2023-02-02 21:33An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/ansible-operator-container as shipped in Openshift 4.
{
"affected": [],
"aliases": [
"CVE-2019-19355"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-03-18T17:15:00Z",
"severity": "MODERATE"
},
"details": "An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/ansible-operator-container as shipped in Openshift 4.",
"id": "GHSA-g4q9-4c3v-qw9g",
"modified": "2023-02-02T21:33:43Z",
"published": "2022-05-24T17:11:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19355"
},
{
"type": "WEB",
"url": "https://access.redhat.com/articles/4859371"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0683"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:1280"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:1545"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2019-19355"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793277"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19355"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G4VC-H383-5QV8
Vulnerability from github – Published: 2022-05-24 17:19 – Updated: 2022-05-24 17:19An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0915.
{
"affected": [],
"aliases": [
"CVE-2020-0916"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-06-09T20:15:00Z",
"severity": "HIGH"
},
"details": "An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka \u0027Windows GDI Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2020-0915.",
"id": "GHSA-g4vc-h383-5qv8",
"modified": "2022-05-24T17:19:47Z",
"published": "2022-05-24T17:19:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0916"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0916"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-G4VR-FPGW-9FFF
Vulnerability from github – Published: 2022-03-10 00:00 – Updated: 2022-03-17 00:02Windows Inking COM Elevation of Privilege Vulnerability.
{
"affected": [],
"aliases": [
"CVE-2022-23290"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-09T17:15:00Z",
"severity": "HIGH"
},
"details": "Windows Inking COM Elevation of Privilege Vulnerability.",
"id": "GHSA-g4vr-fpgw-9fff",
"modified": "2022-03-17T00:02:30Z",
"published": "2022-03-10T00:00:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23290"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23290"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23290"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G57R-4MV6-3958
Vulnerability from github – Published: 2021-12-16 00:01 – Updated: 2022-04-02 00:00Windows Remote Access Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2021-43238"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-15T15:15:00Z",
"severity": "HIGH"
},
"details": "Windows Remote Access Elevation of Privilege Vulnerability",
"id": "GHSA-g57r-4mv6-3958",
"modified": "2022-04-02T00:00:53Z",
"published": "2021-12-16T00:01:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43238"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43238"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-019"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G58P-HGRM-327X
Vulnerability from github – Published: 2023-02-16 18:30 – Updated: 2023-02-24 21:30A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA.
{
"affected": [],
"aliases": [
"CVE-2023-24483"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-02-16T18:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA.",
"id": "GHSA-g58p-hgrm-327x",
"modified": "2023-02-24T21:30:19Z",
"published": "2023-02-16T18:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24483"
},
{
"type": "WEB",
"url": "https://support.citrix.com/article/CTX477616/citrix-virtual-apps-and-desktops-security-bulletin-for-cve202324483"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-48
Strategy: Separation of Privilege
Follow the principle of least privilege when assigning access rights to entities in a software system.
Mitigation MIT-49
Strategy: Separation of Privilege
Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
CAPEC-122: Privilege Abuse
An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-58: Restful Privilege Elevation
An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.