Common Weakness Enumeration

CWE-269

Discouraged

Improper Privilege Management

Abstraction: Class · Status: Draft

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

5443 vulnerabilities reference this CWE, most recent first.

GHSA-J4P8-H8MH-RH8Q

Vulnerability from github – Published: 2025-12-26 18:26 – Updated: 2025-12-31 00:20
VLAI
Summary
Self-hosted n8n has Legacy Code node that enables arbitrary file read/write
Details

Impact

In self-hosted n8n instances where the Code node runs in legacy (non-task-runner) JavaScript execution mode, authenticated users with workflow editing access can invoke internal helper functions from within the Code node.

This allows a workflow editor to perform actions on the n8n host with the same privileges as the n8n process, including:

  • Reading files from the host filesystem (subject to any file-access restrictions configured on the instance and OS/container permissions)
  • Writing files to the host filesystem (subject to the same restrictions)

Starting with n8n version 1.2.1, access to files in the n8n home directory (.n8n) is blocked by default. However, this does not restrict access to other parts of the filesystem unless additional file access limitations are configured.

Patches

  • Upgrade to n8n version 2.0.0 or later, where task runners are enabled by default for Code node execution.
  • On n8n version 1.71.0 and above, enable task runners by setting N8N_RUNNERS_ENABLED=true.

Workarounds

If you cannot immediately migrate to task runners:

  • Limit file operations by setting N8N_RESTRICT_FILE_ACCESS_TO to a dedicated directory (e.g., ~/.n8n-files) and ensure it contains no sensitive data.
  • Keep N8N_BLOCK_FILE_ACCESS_TO_N8N_FILES=true (default) to block access to .n8n and user-defined config files.
  • If workflow editors are not fully trusted, consider disabling high-risk nodes (including the Code node) using NODES_EXCLUDE.

Resources

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "n8n"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.2.1"
            },
            {
              "fixed": "2.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-68697"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-749"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-12-26T18:26:38Z",
    "nvd_published_at": "2025-12-26T22:15:52Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nIn self-hosted n8n instances where the Code node runs in legacy (non-task-runner) JavaScript execution mode, authenticated users with workflow editing access can invoke internal helper functions from within the Code node.\n\nThis allows a workflow editor to perform actions on the n8n host with the same privileges as the n8n process, including:\n\n- Reading files from the host filesystem (subject to any file-access restrictions configured on the instance and OS/container permissions)\n- Writing files to the host filesystem (subject to the same restrictions)\n\nStarting with n8n version 1.2.1, access to files in the n8n home directory (`.n8n`) is blocked by default. However, this does not restrict access to other parts of the filesystem unless additional file access limitations are configured.\n\n### Patches\n\n- Upgrade to **n8n version 2.0.0 or later**, where task runners are enabled by default for Code node execution.\n- On **n8n version 1.71.0 and above**, enable task runners by setting `N8N_RUNNERS_ENABLED=true`.\n\n### Workarounds\n\nIf you cannot immediately migrate to task runners:\n\n- Limit file operations by setting `N8N_RESTRICT_FILE_ACCESS_TO` to a dedicated directory (e.g., `~/.n8n-files`) and ensure it contains no sensitive data.\n- Keep `N8N_BLOCK_FILE_ACCESS_TO_N8N_FILES=true` (default) to block access to `.n8n` and user-defined config files.\n- If workflow editors are not fully trusted, consider disabling high-risk nodes (including the Code node) using `NODES_EXCLUDE`.\n\n### Resources\n\n- n8n Docs: [Task runners](https://docs.n8n.io/hosting/configuration/task-runners/)\n- n8n Docs: [Task runner environment variables](https://docs.n8n.io/hosting/configuration/environment-variables/task-runners/)\n- n8n Docs: [Security environment variables](https://docs.n8n.io/hosting/configuration/environment-variables/security/#security-environment-variables)\n- n8n Docs: [v2.0 breaking changes](https://docs.n8n.io/2-0-breaking-changes/#enable-task-runners-by-default)",
  "id": "GHSA-j4p8-h8mh-rh8q",
  "modified": "2025-12-31T00:20:06Z",
  "published": "2025-12-26T18:26:38Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-j4p8-h8mh-rh8q"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68697"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/n8n-io/n8n"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Self-hosted n8n has Legacy Code node that enables arbitrary file read/write"
}

GHSA-J53Q-VVGG-C52C

Vulnerability from github – Published: 2022-05-24 17:14 – Updated: 2022-05-24 17:14
VLAI
Details

An elevation of privilege vulnerability exists when Microsoft Visual Studio updater service improperly handles file permissions, aka 'Microsoft Visual Studio Elevation of Privilege Vulnerability'.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-0899"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-04-15T15:15:00Z",
    "severity": "LOW"
  },
  "details": "An elevation of privilege vulnerability exists when Microsoft Visual Studio updater service improperly handles file permissions, aka \u0027Microsoft Visual Studio Elevation of Privilege Vulnerability\u0027.",
  "id": "GHSA-j53q-vvgg-c52c",
  "modified": "2022-05-24T17:14:26Z",
  "published": "2022-05-24T17:14:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0899"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0899"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-J557-6R6G-GM35

Vulnerability from github – Published: 2024-08-20 15:32 – Updated: 2024-08-20 21:30
VLAI
Details

Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-33872"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-20T14:15:08Z",
    "severity": "CRITICAL"
  },
  "details": "Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges.",
  "id": "GHSA-j557-6r6g-gm35",
  "modified": "2024-08-20T21:30:34Z",
  "published": "2024-08-20T15:32:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33872"
    },
    {
      "type": "WEB",
      "url": "https://trust.keyfactor.com/?itemUid=d73921fd-bc9e-4e35-a974-cfb628e6a226\u0026source=click"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J55Q-G28W-Q6MV

Vulnerability from github – Published: 2025-05-08 21:32 – Updated: 2025-05-08 21:32
VLAI
Details

On affected versions of the Arista CloudVision Portal (CVP on-prem), the time-bound device onboarding token can be used to gain admin privileges on CloudVision.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-8100"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-08T19:16:01Z",
    "severity": "HIGH"
  },
  "details": "On affected versions of the Arista CloudVision Portal (CVP on-prem), the time-bound device onboarding token can be used to gain admin privileges on CloudVision.",
  "id": "GHSA-j55q-g28w-q6mv",
  "modified": "2025-05-08T21:32:56Z",
  "published": "2025-05-08T21:32:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8100"
    },
    {
      "type": "WEB",
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/21316-security-advisory-0116"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J55X-W58Q-G339

Vulnerability from github – Published: 2025-05-22 21:30 – Updated: 2025-05-23 18:32
VLAI
Details

An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to escalate privileges via the SETTINGSVATIGATOR.EXE component

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-40462"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-22T19:15:41Z",
    "severity": "HIGH"
  },
  "details": "An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to escalate privileges via the SETTINGSVATIGATOR.EXE component",
  "id": "GHSA-j55x-w58q-g339",
  "modified": "2025-05-23T18:32:03Z",
  "published": "2025-05-22T21:30:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40462"
    },
    {
      "type": "WEB",
      "url": "https://drive.google.com/file/d/1MDU9FGo36U83yQy55nnVj1syWVy9WLm5/view?usp=drive_link"
    },
    {
      "type": "WEB",
      "url": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J57H-2GC3-WW5W

Vulnerability from github – Published: 2024-07-26 18:30 – Updated: 2024-08-01 15:32
VLAI
Details

An issue was discovered in WithSecure Elements Agent through 23.x for macOS, WithSecure Elements Client Security through 23.x for macOS, and WithSecure MDR through 23.x for macOS. Local Privilege Escalation can occur during installations or updates by admins.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-27357"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-26T17:15:11Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in WithSecure Elements Agent through 23.x for macOS, WithSecure Elements Client Security through 23.x for macOS, and WithSecure MDR through 23.x for macOS. Local Privilege Escalation can occur during installations or updates by admins.",
  "id": "GHSA-j57h-2gc3-ww5w",
  "modified": "2024-08-01T15:32:12Z",
  "published": "2024-07-26T18:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27357"
    },
    {
      "type": "WEB",
      "url": "https://www.withsecure.com/en/support/security-advisories/cve-2024-27357"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J57W-3C39-GPP5

Vulnerability from github – Published: 2022-02-17 00:00 – Updated: 2022-02-25 15:23
VLAI
Summary
Improper Privilege Management in Snipe-IT
Details

An unprivileged user of Snipe-IT prior to version 5.3.11 can create maintenance for an asset. Version 5.3.11 contains a patch for this issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "snipe/snipe-it"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.3.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-0611"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-862"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-02-25T15:23:16Z",
    "nvd_published_at": "2022-02-16T00:15:00Z",
    "severity": "HIGH"
  },
  "details": "An unprivileged user of Snipe-IT prior to version 5.3.11 can create maintenance for an asset. Version 5.3.11 contains a patch for this issue.",
  "id": "GHSA-j57w-3c39-gpp5",
  "modified": "2022-02-25T15:23:16Z",
  "published": "2022-02-17T00:00:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0611"
    },
    {
      "type": "WEB",
      "url": "https://github.com/snipe/snipe-it/commit/321be4733d3997fc738f0118e1b9af5905f95439"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/snipe/snipe-it"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/7b7447fc-f1b0-446c-b016-ee3f6511010b"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper Privilege Management in Snipe-IT"
}

GHSA-J5C2-HM46-WP5C

Vulnerability from github – Published: 2021-07-22 19:43 – Updated: 2021-09-03 20:23
VLAI
Summary
Privilege escalation: all users can access Admin-level API keys
Details

Impact

An error in the implementation of the limits service in 4.0.0 allows all authenticated users (including contributors) to view admin-level API keys via the integrations API endpoint, leading to a privilege escalation vulnerability.

Ghost(Pro) has already been patched. Self-hosters are impacted if running Ghost a version between 4.0.0 and 4.9.4. Immediate action should be taken to secure your site - see patches & workarounds below.

It is highly recommended to regenerate all API keys after patching or applying the workaround below.

Patches

Fixed in 4.10.0, all 4.x sites should upgrade as soon as possible.

Workarounds

  • Disable all non-Administrator accounts to prevent API access.

For more information

If you have any questions or comments about this advisory: * email us at security@ghost.org


Credits: Aden Yap Chuen Zhen, BAE Systems Applied Intelligence (Malaysia)

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "ghost"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.10.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-39192"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-269"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-07-20T17:44:30Z",
    "nvd_published_at": "2021-09-03T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nAn error in the implementation of the limits service in 4.0.0 allows all authenticated users (including contributors) to view admin-level API keys via the integrations API endpoint, leading to a privilege escalation vulnerability.\n\nGhost(Pro) has already been patched. Self-hosters are impacted if running Ghost a version between 4.0.0 and 4.9.4. Immediate action should be taken to secure your site - see patches \u0026 workarounds below.\n\nIt is highly recommended to regenerate all API keys after patching or applying the workaround below.\n\n### Patches\nFixed in 4.10.0, all 4.x sites should upgrade as soon as possible.\n\n### Workarounds\n- Disable all non-Administrator accounts to prevent API access.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* email us at security@ghost.org\n\n---\nCredits: Aden Yap Chuen Zhen, BAE Systems Applied Intelligence (Malaysia)",
  "id": "GHSA-j5c2-hm46-wp5c",
  "modified": "2021-09-03T20:23:05Z",
  "published": "2021-07-22T19:43:16Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/TryGhost/Ghost/security/advisories/GHSA-j5c2-hm46-wp5c"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39192"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/TryGhost/Ghost"
    },
    {
      "type": "WEB",
      "url": "https://github.com/TryGhost/Ghost/releases/tag/v4.10.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Privilege escalation: all users can access Admin-level API keys"
}

GHSA-J5G9-J7R4-6QVX

Vulnerability from github – Published: 2024-01-03 21:50 – Updated: 2024-01-03 21:50
VLAI
Summary
Craft CMS Privilege Escalation
Details

Impact

This is a potential moderate impact, low complexity privilege escalation vulnerability in Craft with certain user permissions setups.

Patches

This has been fixed in Craft 4.4.16 and Craft 3.9.6. Users should ensure they are running at least those versions.

References

https://github.com/craftcms/cms/pull/13932 https://github.com/craftcms/cms/pull/13931 https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#4511---2023-11-16 https://github.com/craftcms/cms/blob/v3/CHANGELOG.md#396---2023-11-16

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.5.10"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "craftcms/cms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0-RC1"
            },
            {
              "fixed": "4.5.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.9.5"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "craftcms/cms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "3.9.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-21622"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-01-03T21:50:26Z",
    "nvd_published_at": "2024-01-03T17:15:12Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nThis is a potential moderate impact, low complexity privilege escalation vulnerability in Craft with certain user permissions setups.\n\n### Patches\n\nThis has been fixed in Craft 4.4.16 and Craft 3.9.6. Users should ensure they are running at least those versions.\n\n### References\n\nhttps://github.com/craftcms/cms/pull/13932\nhttps://github.com/craftcms/cms/pull/13931\nhttps://github.com/craftcms/cms/blob/develop/CHANGELOG.md#4511---2023-11-16\nhttps://github.com/craftcms/cms/blob/v3/CHANGELOG.md#396---2023-11-16",
  "id": "GHSA-j5g9-j7r4-6qvx",
  "modified": "2024-01-03T21:50:26Z",
  "published": "2024-01-03T21:50:26Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/craftcms/cms/security/advisories/GHSA-j5g9-j7r4-6qvx"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21622"
    },
    {
      "type": "WEB",
      "url": "https://github.com/craftcms/cms/pull/13931"
    },
    {
      "type": "WEB",
      "url": "https://github.com/craftcms/cms/pull/13932"
    },
    {
      "type": "WEB",
      "url": "https://github.com/craftcms/cms/commit/76caf9af07d9964be0fd362772223be6a5f5b6aa"
    },
    {
      "type": "WEB",
      "url": "https://github.com/craftcms/cms/commit/be81eb653d633833f2ab22510794abb6bb9c0843"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/craftcms/cms"
    },
    {
      "type": "WEB",
      "url": "https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#4511---2023-11-16"
    },
    {
      "type": "WEB",
      "url": "https://github.com/craftcms/cms/blob/v3/CHANGELOG.md#396---2023-11-16"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Craft CMS Privilege Escalation"
}

GHSA-J5P2-95X6-9MR4

Vulnerability from github – Published: 2024-12-31 00:32 – Updated: 2024-12-31 00:32
VLAI
Details

An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem.

This issue only impacts SoftIron HyperCloud and related software products (such as VM Squared) software versions 2.3.0 to before 2.5.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-13058"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-30T22:15:05Z",
    "severity": "MODERATE"
  },
  "details": "An issue exists in SoftIron HyperCloud\n where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem.\n\nThis issue only impacts SoftIron HyperCloud and related software products (such as VM Squared) software versions 2.3.0 to before 2.5.0.",
  "id": "GHSA-j5p2-95x6-9mr4",
  "modified": "2024-12-31T00:32:47Z",
  "published": "2024-12-31T00:32:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13058"
    },
    {
      "type": "WEB",
      "url": "https://advisories.softiron.cloud"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:D/RE:M/U:Green",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-48
Architecture and Design

Strategy: Separation of Privilege

Follow the principle of least privilege when assigning access rights to entities in a software system.

Mitigation MIT-49
Architecture and Design

Strategy: Separation of Privilege

Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.

CAPEC-122: Privilege Abuse

An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.

CAPEC-233: Privilege Escalation

An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.

CAPEC-58: Restful Privilege Elevation

An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.