CWE-269
DiscouragedImproper Privilege Management
Abstraction: Class · Status: Draft
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
5431 vulnerabilities reference this CWE, most recent first.
GHSA-G5XF-PVJP-4M82
Vulnerability from github – Published: 2022-04-13 00:00 – Updated: 2022-04-21 00:00A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 Servers. The vulnerability could be locally exploited to allow an user with Administrator access to escalate their privilege. The vulnerability is resolved in the latest firmware update. HPE Superdome Flex Server Version 3.50.58 or later, HPE Superdome Flex 280 Server Version 1.20.204 or later.
{
"affected": [],
"aliases": [
"CVE-2022-23702"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-12T17:15:00Z",
"severity": "MODERATE"
},
"details": "A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 Servers. The vulnerability could be locally exploited to allow an user with Administrator access to escalate their privilege. The vulnerability is resolved in the latest firmware update. HPE Superdome Flex Server Version 3.50.58 or later, HPE Superdome Flex 280 Server Version 1.20.204 or later.",
"id": "GHSA-g5xf-pvjp-4m82",
"modified": "2022-04-21T00:00:54Z",
"published": "2022-04-13T00:00:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23702"
},
{
"type": "WEB",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04266en_us"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G623-JCGG-MHMM
Vulnerability from github – Published: 2024-03-15 16:33 – Updated: 2025-06-04 00:32Impact
"Local sync" is an Argo CD feature that allows developers to temporarily override an Application's manifests with locally-defined manifests. Use of the feature should generally be limited to highly-trusted users, since it allows the user to bypass any merge protections in git.
An improper validation bug allows users who have create privileges but not override privileges to sync local manifests on app creation. All other restrictions, including AppProject restrictions are still enforced. The only restriction which is not enforced is that the manifests come from some approved git/Helm/OCI source.
The bug was introduced in 1.2.0-rc1 when the local manifest sync feature was added.
Patches
The bug has been patched in the following versions:
- 2.10.3
- 2.9.8
- 2.8.12
Workarounds
To immediately mitigate the risk of branch protection bypass, remove applications, create RBAC access. The only way to eliminate the issue without removing RBAC access is to upgrade to a patched version.
Branch protection rules and review requirements are a great way to enforce security constraints in a GitOps environment, but they should be just one layer in a multi-layered approach. Make sure your AppProject and RBAC restrictions are as thorough as possible to prevent a review bypass vulnerability from permitting excessive damage.
References
For more information
- Open an issue in the Argo CD issue tracker or discussions
- Join us on Slack in channel #argo-cd
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/argoproj/argo-cd"
},
"ranges": [
{
"events": [
{
"introduced": "1.2.0-rc1"
},
{
"last_affected": "1.8.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/argoproj/argo-cd/v2"
},
"ranges": [
{
"events": [
{
"introduced": "2.9.0"
},
{
"fixed": "2.9.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/argoproj/argo-cd/v2"
},
"ranges": [
{
"events": [
{
"introduced": "2.10.0"
},
{
"fixed": "2.10.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/argoproj/argo-cd/v2"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0-rc3"
},
{
"fixed": "2.8.12"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-50726"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2024-03-15T16:33:19Z",
"nvd_published_at": "2024-03-13T21:15:54Z",
"severity": "MODERATE"
},
"details": "### Impact\n\n\"Local sync\" is an Argo CD feature that allows developers to temporarily override an Application\u0027s manifests with locally-defined manifests. Use of the feature should generally be limited to highly-trusted users, since it allows the user to bypass any merge protections in git.\n\nAn improper validation bug allows users who have `create` privileges but not `override` privileges to sync local manifests on app creation. All other restrictions, including AppProject restrictions are still enforced. The only restriction which is _not_ enforced is that the manifests come from some approved git/Helm/OCI source.\n\nThe bug was introduced in 1.2.0-rc1 when the local manifest sync feature was added.\n\n### Patches\n\nThe bug has been patched in the following versions:\n\n* 2.10.3\n* 2.9.8\n* 2.8.12\n\n### Workarounds\n\nTo immediately mitigate the risk of branch protection bypass, remove `applications, create` RBAC access. The only way to eliminate the issue without removing RBAC access is to upgrade to a patched version.\n\nBranch protection rules and review requirements are a great way to enforce security constraints in a GitOps environment, but they should be just one layer in a multi-layered approach. Make sure your AppProject and RBAC restrictions are as thorough as possible to prevent a review bypass vulnerability from permitting excessive damage.\n\n### References\n\n* [Argo CD RBAC documentation](https://argo-cd.readthedocs.io/en/latest/operator-manual/rbac/)\n\n### For more information\n\n* Open an issue in [the Argo CD issue tracker](https://github.com/argoproj/argo-cd/issues) or [discussions](https://github.com/argoproj/argo-cd/discussions)\n* Join us on [Slack](https://argoproj.github.io/community/join-slack) in channel #argo-cd",
"id": "GHSA-g623-jcgg-mhmm",
"modified": "2025-06-04T00:32:10Z",
"published": "2024-03-15T16:33:19Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-g623-jcgg-mhmm"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50726"
},
{
"type": "WEB",
"url": "https://github.com/argoproj/argo-cd/commit/3b8f673f06c2d228e01cbc830e5cb57cef008978"
},
{
"type": "WEB",
"url": "https://argo-cd.readthedocs.io/en/latest/operator-manual/rbac"
},
{
"type": "PACKAGE",
"url": "https://github.com/argoproj/argo-cd"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"type": "CVSS_V3"
}
],
"summary": "Users with `create` but not `override` privileges can perform local sync"
}
GHSA-G63J-Q8X3-VPJQ
Vulnerability from github – Published: 2022-05-24 17:20 – Updated: 2022-05-24 17:20In multiple functions of URI.java, there is a possible escalation of privilege due to missing validation in the parceling of URI information. This could lead to a local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124526860
{
"affected": [],
"aliases": [
"CVE-2020-0166"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-06-11T15:15:00Z",
"severity": "MODERATE"
},
"details": "In multiple functions of URI.java, there is a possible escalation of privilege due to missing validation in the parceling of URI information. This could lead to a local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124526860",
"id": "GHSA-g63j-q8x3-vpjq",
"modified": "2022-05-24T17:20:13Z",
"published": "2022-05-24T17:20:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0166"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2020-06-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-G65W-8QV6-V378
Vulnerability from github – Published: 2022-05-24 17:20 – Updated: 2022-05-24 17:20VMware Horizon Client for Windows (prior to 5.4.3) contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. A local user on the system where the software is installed may exploit this issue to run commands as any user.
{
"affected": [],
"aliases": [
"CVE-2020-3961"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-06-15T16:15:00Z",
"severity": "MODERATE"
},
"details": "VMware Horizon Client for Windows (prior to 5.4.3) contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. A local user on the system where the software is installed may exploit this issue to run commands as any user.",
"id": "GHSA-g65w-8qv6-v378",
"modified": "2022-05-24T17:20:34Z",
"published": "2022-05-24T17:20:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3961"
},
{
"type": "WEB",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0013.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-G664-P9GV-7FW8
Vulnerability from github – Published: 2022-03-10 00:00 – Updated: 2022-03-17 00:02Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23283, CVE-2022-24505.
{
"affected": [],
"aliases": [
"CVE-2022-23287"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-09T17:15:00Z",
"severity": "HIGH"
},
"details": "Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23283, CVE-2022-24505.",
"id": "GHSA-g664-p9gv-7fw8",
"modified": "2022-03-17T00:02:30Z",
"published": "2022-03-10T00:00:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23287"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23287"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23287"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G69V-3CVH-V6HF
Vulnerability from github – Published: 2022-05-24 17:13 – Updated: 2022-05-24 17:13In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. The issue was fixed by adjusting the .tsExport folder when the controller is running on Windows and adjusting the SafeDllSearchMode in the windows registry when installing UniFi-Video controller. Affected Products: UniFi Video Controller v3.10.2 (for Windows 7/8/10 x64) and prior. Fixed in UniFi Video Controller v3.10.3 and newer.
{
"affected": [],
"aliases": [
"CVE-2020-8146"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-04-01T23:15:00Z",
"severity": "MODERATE"
},
"details": "In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. The issue was fixed by adjusting the .tsExport folder when the controller is running on Windows and adjusting the SafeDllSearchMode in the windows registry when installing UniFi-Video controller. Affected Products: UniFi Video Controller v3.10.2 (for Windows 7/8/10 x64) and prior. Fixed in UniFi Video Controller v3.10.3 and newer.",
"id": "GHSA-g69v-3cvh-v6hf",
"modified": "2022-05-24T17:13:20Z",
"published": "2022-05-24T17:13:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8146"
},
{
"type": "WEB",
"url": "https://community.ui.com/releases/Security-advisory-bulletin-006-006/3cf6264e-e0e6-4e26-a331-1d271f84673e"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-G6HC-9FVW-FVFX
Vulnerability from github – Published: 2022-05-24 17:34 – Updated: 2022-05-24 17:34Improper access control in the Intel(R) Visual Compute Accelerator 2, all versions, may allow a privileged user to potentially enable escalation of privilege via local access.
{
"affected": [],
"aliases": [
"CVE-2020-8676"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-11-12T18:15:00Z",
"severity": "MODERATE"
},
"details": "Improper access control in the Intel(R) Visual Compute Accelerator 2, all versions, may allow a privileged user to potentially enable escalation of privilege via local access.",
"id": "GHSA-g6hc-9fvw-fvfx",
"modified": "2022-05-24T17:34:09Z",
"published": "2022-05-24T17:34:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8676"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00368"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-G6HG-W8R9-CCF8
Vulnerability from github – Published: 2022-06-10 00:00 – Updated: 2022-06-18 00:00LibreHealth EHR Base 2.0.0 allows incorrect interface/super/manage_site_files.php access.
{
"affected": [],
"aliases": [
"CVE-2022-31496"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-09T00:15:00Z",
"severity": "HIGH"
},
"details": "LibreHealth EHR Base 2.0.0 allows incorrect interface/super/manage_site_files.php access.",
"id": "GHSA-g6hg-w8r9-ccf8",
"modified": "2022-06-18T00:00:23Z",
"published": "2022-06-10T00:00:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31496"
},
{
"type": "WEB",
"url": "https://github.com/LibreHealthIO/lh-ehr/tags"
},
{
"type": "WEB",
"url": "https://gitlab.com/librehealth/ehr/lh-ehr/-/tags"
},
{
"type": "WEB",
"url": "https://nitroteam.kz/index.php?action=researches\u0026slug=librehealth2_r"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G6MV-H495-5QQC
Vulnerability from github – Published: 2023-07-21 18:30 – Updated: 2024-04-04 06:18Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2023-38187"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-07-21T18:15:10Z",
"severity": "MODERATE"
},
"details": "Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability",
"id": "GHSA-g6mv-h495-5qqc",
"modified": "2024-04-04T06:18:40Z",
"published": "2023-07-21T18:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38187"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38187"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-G6R5-GRFM-G926
Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2024-04-04 02:25ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to execute unauthorized commands as root by abusing an undocumented feature in scheduled tasks.
{
"affected": [],
"aliases": [
"CVE-2019-16519"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-10-14T16:15:00Z",
"severity": "HIGH"
},
"details": "ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to execute unauthorized commands as root by abusing an undocumented feature in scheduled tasks.",
"id": "GHSA-g6r5-grfm-g926",
"modified": "2024-04-04T02:25:05Z",
"published": "2022-05-24T16:58:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16519"
},
{
"type": "WEB",
"url": "https://danishcyberdefence.dk/blog/esets-cyber-security"
},
{
"type": "WEB",
"url": "http://support.eset.com/ca7317"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-48
Strategy: Separation of Privilege
Follow the principle of least privilege when assigning access rights to entities in a software system.
Mitigation MIT-49
Strategy: Separation of Privilege
Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
CAPEC-122: Privilege Abuse
An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-58: Restful Privilege Elevation
An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.