CWE-269
DiscouragedImproper Privilege Management
Abstraction: Class · Status: Draft
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
5445 vulnerabilities reference this CWE, most recent first.
GHSA-J5G9-J7R4-6QVX
Vulnerability from github – Published: 2024-01-03 21:50 – Updated: 2024-01-03 21:50Impact
This is a potential moderate impact, low complexity privilege escalation vulnerability in Craft with certain user permissions setups.
Patches
This has been fixed in Craft 4.4.16 and Craft 3.9.6. Users should ensure they are running at least those versions.
References
https://github.com/craftcms/cms/pull/13932 https://github.com/craftcms/cms/pull/13931 https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#4511---2023-11-16 https://github.com/craftcms/cms/blob/v3/CHANGELOG.md#396---2023-11-16
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.5.10"
},
"package": {
"ecosystem": "Packagist",
"name": "craftcms/cms"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0-RC1"
},
{
"fixed": "4.5.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.9.5"
},
"package": {
"ecosystem": "Packagist",
"name": "craftcms/cms"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"fixed": "3.9.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-21622"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": true,
"github_reviewed_at": "2024-01-03T21:50:26Z",
"nvd_published_at": "2024-01-03T17:15:12Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nThis is a potential moderate impact, low complexity privilege escalation vulnerability in Craft with certain user permissions setups.\n\n### Patches\n\nThis has been fixed in Craft 4.4.16 and Craft 3.9.6. Users should ensure they are running at least those versions.\n\n### References\n\nhttps://github.com/craftcms/cms/pull/13932\nhttps://github.com/craftcms/cms/pull/13931\nhttps://github.com/craftcms/cms/blob/develop/CHANGELOG.md#4511---2023-11-16\nhttps://github.com/craftcms/cms/blob/v3/CHANGELOG.md#396---2023-11-16",
"id": "GHSA-j5g9-j7r4-6qvx",
"modified": "2024-01-03T21:50:26Z",
"published": "2024-01-03T21:50:26Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-j5g9-j7r4-6qvx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21622"
},
{
"type": "WEB",
"url": "https://github.com/craftcms/cms/pull/13931"
},
{
"type": "WEB",
"url": "https://github.com/craftcms/cms/pull/13932"
},
{
"type": "WEB",
"url": "https://github.com/craftcms/cms/commit/76caf9af07d9964be0fd362772223be6a5f5b6aa"
},
{
"type": "WEB",
"url": "https://github.com/craftcms/cms/commit/be81eb653d633833f2ab22510794abb6bb9c0843"
},
{
"type": "PACKAGE",
"url": "https://github.com/craftcms/cms"
},
{
"type": "WEB",
"url": "https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#4511---2023-11-16"
},
{
"type": "WEB",
"url": "https://github.com/craftcms/cms/blob/v3/CHANGELOG.md#396---2023-11-16"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"type": "CVSS_V3"
}
],
"summary": "Craft CMS Privilege Escalation"
}
GHSA-J5P2-95X6-9MR4
Vulnerability from github – Published: 2024-12-31 00:32 – Updated: 2024-12-31 00:32An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem.
This issue only impacts SoftIron HyperCloud and related software products (such as VM Squared) software versions 2.3.0 to before 2.5.0.
{
"affected": [],
"aliases": [
"CVE-2024-13058"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-30T22:15:05Z",
"severity": "MODERATE"
},
"details": "An issue exists in SoftIron HyperCloud\n where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem.\n\nThis issue only impacts SoftIron HyperCloud and related software products (such as VM Squared) software versions 2.3.0 to before 2.5.0.",
"id": "GHSA-j5p2-95x6-9mr4",
"modified": "2024-12-31T00:32:47Z",
"published": "2024-12-31T00:32:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13058"
},
{
"type": "WEB",
"url": "https://advisories.softiron.cloud"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:D/RE:M/U:Green",
"type": "CVSS_V4"
}
]
}
GHSA-J5R5-QRVJ-CPPQ
Vulnerability from github – Published: 2023-08-09 03:30 – Updated: 2024-04-04 06:43The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 6.7.1 due to insufficient restriction on the 'rem_save_profile_front' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wp_capabilities' parameter during a profile update.
{
"affected": [],
"aliases": [
"CVE-2023-4239"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-09T03:15:45Z",
"severity": "MODERATE"
},
"details": "The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 6.7.1 due to insufficient restriction on the \u0027rem_save_profile_front\u0027 function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the \u0027wp_capabilities\u0027 parameter during a profile update.",
"id": "GHSA-j5r5-qrvj-cppq",
"modified": "2024-04-04T06:43:17Z",
"published": "2023-08-09T03:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4239"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/real-estate-manager/tags/6.7.1/classes/shortcodes.class.php#L1439"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d83d1fd0-6e21-406e-a7c0-89d26eabbb32?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-J5VX-99C2-MCFV
Vulnerability from github – Published: 2022-05-24 17:38 – Updated: 2026-07-05 00:31K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: Local Process Execution (local). The component is: K7Sentry.sys.
{
"affected": [],
"aliases": [
"CVE-2018-8044"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-01-11T16:15:00Z",
"severity": "HIGH"
},
"details": "K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: Local Process Execution (local). The component is: K7Sentry.sys.",
"id": "GHSA-j5vx-99c2-mcfv",
"modified": "2026-07-05T00:31:16Z",
"published": "2022-05-24T17:38:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8044"
},
{
"type": "WEB",
"url": "https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021"
},
{
"type": "WEB",
"url": "http://k7antivirus.com"
},
{
"type": "WEB",
"url": "http://k7computing.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-J5WG-H8JH-FX4V
Vulnerability from github – Published: 2023-04-18 21:30 – Updated: 2024-04-04 03:32Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.1 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
{
"affected": [],
"aliases": [
"CVE-2023-21896"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-18T20:15:11Z",
"severity": "HIGH"
},
"details": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.1 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).",
"id": "GHSA-j5wg-h8jh-fx4v",
"modified": "2024-04-04T03:32:19Z",
"published": "2023-04-18T21:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21896"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2023.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-J64G-FGWQ-J479
Vulnerability from github – Published: 2022-05-24 17:26 – Updated: 2024-03-21 03:33** DISPUTED ** voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged users can write to the installation directory, which may be considered a site-specific configuration error.
{
"affected": [],
"aliases": [
"CVE-2020-24567"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-08-21T03:15:00Z",
"severity": "MODERATE"
},
"details": "** DISPUTED ** voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged users can write to the installation directory, which may be considered a site-specific configuration error.",
"id": "GHSA-j64g-fgwq-j479",
"modified": "2024-03-21T03:33:55Z",
"published": "2022-05-24T17:26:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24567"
},
{
"type": "WEB",
"url": "https://www.cymaera.com/articles/everything.html"
},
{
"type": "WEB",
"url": "https://www.voidtools.com/forum/viewtopic.php?p=32509#p32509"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-J65J-GPFR-72JV
Vulnerability from github – Published: 2024-06-13 21:30 – Updated: 2024-07-11 15:30In AcvpOnMessage of avcp.cpp, there is a possible EOP due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"affected": [],
"aliases": [
"CVE-2024-32906"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-908"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-13T21:15:54Z",
"severity": "HIGH"
},
"details": "In AcvpOnMessage of avcp.cpp, there is a possible EOP due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",
"id": "GHSA-j65j-gpfr-72jv",
"modified": "2024-07-11T15:30:43Z",
"published": "2024-06-13T21:30:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32906"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-J68C-RJ4V-FJJR
Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-08-31 00:00An improper access control vulnerability exists in Citrix Workspace App for Windows potentially allows privilege escalation in CR versions prior to 2105 and 1912 LTSR prior to CU4.
{
"affected": [],
"aliases": [
"CVE-2021-22907"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-05-27T12:15:00Z",
"severity": "HIGH"
},
"details": "An improper access control vulnerability exists in Citrix Workspace App for Windows potentially allows privilege escalation in CR versions prior to 2105 and 1912 LTSR prior to CU4.",
"id": "GHSA-j68c-rj4v-fjjr",
"modified": "2022-08-31T00:00:20Z",
"published": "2022-05-24T19:03:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22907"
},
{
"type": "WEB",
"url": "https://support.citrix.com/article/CTX307794"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-J69W-PXCF-VJQW
Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-05-24 19:07Windows Remote Access Connection Manager Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33773, CVE-2021-34445, CVE-2021-34456.
{
"affected": [],
"aliases": [
"CVE-2021-33761"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-14T18:15:00Z",
"severity": "HIGH"
},
"details": "Windows Remote Access Connection Manager Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33773, CVE-2021-34445, CVE-2021-34456.",
"id": "GHSA-j69w-pxcf-vjqw",
"modified": "2022-05-24T19:07:54Z",
"published": "2022-05-24T19:07:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33761"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33761"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-J6GQ-C29X-24X7
Vulnerability from github – Published: 2022-08-11 00:00 – Updated: 2022-08-13 00:00In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-228450811
{
"affected": [],
"aliases": [
"CVE-2022-20347"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-10T20:15:00Z",
"severity": "HIGH"
},
"details": "In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-228450811",
"id": "GHSA-j6gq-c29x-24x7",
"modified": "2022-08-13T00:00:53Z",
"published": "2022-08-11T00:00:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20347"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2022-08-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-48
Strategy: Separation of Privilege
Follow the principle of least privilege when assigning access rights to entities in a software system.
Mitigation MIT-49
Strategy: Separation of Privilege
Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
CAPEC-122: Privilege Abuse
An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-58: Restful Privilege Elevation
An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.