Common Weakness Enumeration

CWE-269

Discouraged

Improper Privilege Management

Abstraction: Class · Status: Draft

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

5433 vulnerabilities reference this CWE, most recent first.

GHSA-MMF6-49FC-CG8H

Vulnerability from github – Published: 2025-12-09 18:30 – Updated: 2025-12-17 15:34
VLAI
Details

Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows Privilege Escalation, Parameter Injection.

A local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file.  This issue affects Firewall Analyzer: A33.0, A33.10.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-12381"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-09T16:17:33Z",
    "severity": "MODERATE"
  },
  "details": "Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows\u00a0Privilege Escalation, Parameter Injection.\n\nA local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file.\u00a0\nThis issue affects Firewall Analyzer: A33.0, A33.10.",
  "id": "GHSA-mmf6-49fc-cg8h",
  "modified": "2025-12-17T15:34:51Z",
  "published": "2025-12-09T18:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12381"
    },
    {
      "type": "WEB",
      "url": "https://techdocs.algosec.com/en/cves/Content/tech-notes/cves/cve-2025-12381.htm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:X/RE:L/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-MMMM-3HX6-P42P

Vulnerability from github – Published: 2022-05-24 17:21 – Updated: 2022-05-24 17:21
VLAI
Details

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-5962"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-06-24T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.",
  "id": "GHSA-mmmm-3hx6-p42p",
  "modified": "2022-05-24T17:21:39Z",
  "published": "2022-05-24T17:21:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5962"
    },
    {
      "type": "WEB",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5031"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-MMMP-3J92-HG56

Vulnerability from github – Published: 2022-05-13 01:28 – Updated: 2022-05-13 01:28
VLAI
Details

Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator (read-only) account could escalate privileges to admin (root) access in the system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-0935"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-03-22T14:29:00Z",
    "severity": "HIGH"
  },
  "details": "Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator (read-only) account could escalate privileges to admin (root) access in the system.",
  "id": "GHSA-mmmp-3j92-hg56",
  "modified": "2022-05-13T01:28:28Z",
  "published": "2022-05-13T01:28:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-0935"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/242407"
    },
    {
      "type": "WEB",
      "url": "https://community.ubnt.com/t5/EdgeMAX-Updates-Blog/EdgeMAX-EdgeRouter-software-security-release-v1-9-7-hotfix-3/ba-p/2054117"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MMR5-X5M7-54R3

Vulnerability from github – Published: 2022-05-24 17:25 – Updated: 2024-01-04 03:30
VLAI
Details

An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Engine Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1535, CVE-2020-1536, CVE-2020-1539, CVE-2020-1540, CVE-2020-1541, CVE-2020-1542, CVE-2020-1544, CVE-2020-1545, CVE-2020-1546, CVE-2020-1547, CVE-2020-1551.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-1543"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-08-17T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka \u0027Windows Backup Engine Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2020-1535, CVE-2020-1536, CVE-2020-1539, CVE-2020-1540, CVE-2020-1541, CVE-2020-1542, CVE-2020-1544, CVE-2020-1545, CVE-2020-1546, CVE-2020-1547, CVE-2020-1551.",
  "id": "GHSA-mmr5-x5m7-54r3",
  "modified": "2024-01-04T03:30:35Z",
  "published": "2022-05-24T17:25:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1543"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1543"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MMX5-32M4-WXVX

Vulnerability from github – Published: 2023-07-25 13:52 – Updated: 2023-07-25 13:52
VLAI
Summary
Ineffective privileges drop when requesting container network
Details

Impact

Fix https://github.com/apptainer/apptainer/pull/1523 included in Apptainer 1.2.0-rc.2 has introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges. The attack surface is rather limited for users but an attacker could possibly craft a starter config to delete any directory on the host filesystems. Only affects setuid installations of Apptainer.

Patches

The security fix https://github.com/apptainer/apptainer/pull/1578 has been included in Apptainer 1.2.1

Workarounds

There is no known workaround outside of upgrading to Apptainer 1.2.1

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/apptainer/apptainer"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.2.0"
            },
            {
              "fixed": "1.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-38496"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-25T13:52:20Z",
    "nvd_published_at": "2023-07-25T22:15:10Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nFix https://github.com/apptainer/apptainer/pull/1523 included in Apptainer 1.2.0-rc.2 has introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges.  The attack surface is rather limited for users but an attacker could possibly craft a starter config to delete any directory on the host filesystems.  Only affects setuid installations of Apptainer.  \n\n### Patches\n\nThe security fix https://github.com/apptainer/apptainer/pull/1578 has been included in Apptainer 1.2.1\n\n### Workarounds\n\nThere is no known workaround outside of upgrading to Apptainer 1.2.1",
  "id": "GHSA-mmx5-32m4-wxvx",
  "modified": "2023-07-25T13:52:20Z",
  "published": "2023-07-25T13:52:20Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/apptainer/apptainer/security/advisories/GHSA-mmx5-32m4-wxvx"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38496"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apptainer/apptainer/pull/1523"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apptainer/apptainer/pull/1578"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apptainer/apptainer"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Ineffective privileges drop when requesting container network"
}

GHSA-MP6H-CXP8-82J6

Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2025-10-22 00:32
VLAI
Details

Windows User Profile Service Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-34484"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-12T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "Windows User Profile Service Elevation of Privilege Vulnerability",
  "id": "GHSA-mp6h-cxp8-82j6",
  "modified": "2025-10-22T00:32:19Z",
  "published": "2022-05-24T19:10:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34484"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34484"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-34484"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MP9Q-9RQC-8X67

Vulnerability from github – Published: 2022-05-24 17:11 – Updated: 2022-05-24 17:11
VLAI
Details

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0779, CVE-2020-0798, CVE-2020-0814, CVE-2020-0843.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-0842"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-03-12T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka \u0027Windows Installer Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2020-0779, CVE-2020-0798, CVE-2020-0814, CVE-2020-0843.",
  "id": "GHSA-mp9q-9rqc-8x67",
  "modified": "2022-05-24T17:11:00Z",
  "published": "2022-05-24T17:11:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0842"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0842"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-MPG8-8X9C-P9GV

Vulnerability from github – Published: 2025-02-13 00:33 – Updated: 2025-02-20 00:12
VLAI
Summary
MaysWind ezBookkeeping has Improper Privilege Management
Details

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/mayswind/ezbookkeeping"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.7.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-57604"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-276"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-02-20T00:12:37Z",
    "nvd_published_at": "2025-02-12T22:15:41Z",
    "severity": "CRITICAL"
  },
  "details": "An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component.",
  "id": "GHSA-mpg8-8x9c-p9gv",
  "modified": "2025-02-20T00:12:37Z",
  "published": "2025-02-13T00:33:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57604"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mayswind/ezbookkeeping/issues/33"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mayswind/ezbookkeeping"
    },
    {
      "type": "WEB",
      "url": "https://hkohi.ca/vulnerability/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "MaysWind ezBookkeeping has Improper Privilege Management"
}

GHSA-MPP4-4X92-F6P7

Vulnerability from github – Published: 2022-05-24 17:32 – Updated: 2022-05-24 17:32
VLAI
Details

An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-27671"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-10-22T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.",
  "id": "GHSA-mpp4-4x92-f6p7",
  "modified": "2022-05-24T17:32:01Z",
  "published": "2022-05-24T17:32:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27671"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XIK57QJOVOPWH6RFRNMGOBCROBCKMDG2"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202011-06"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4804"
    },
    {
      "type": "WEB",
      "url": "https://xenbits.xen.org/xsa/advisory-346.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00075.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00025.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2021/01/19/8"
    },
    {
      "type": "WEB",
      "url": "http://xenbits.xen.org/xsa/advisory-346.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MPXM-8W88-RMW2

Vulnerability from github – Published: 2022-05-24 19:12 – Updated: 2022-07-13 00:01
VLAI
Details

A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-22944"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-31T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.",
  "id": "GHSA-mpxm-8w88-rmw2",
  "modified": "2022-07-13T00:01:10Z",
  "published": "2022-05-24T19:12:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22944"
    },
    {
      "type": "WEB",
      "url": "https://community.ui.com/releases/Security-Advisory-Bulletin-019-019/90a00abe-d6b6-43c6-92d4-0a0342f1506f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-48
Architecture and Design

Strategy: Separation of Privilege

Follow the principle of least privilege when assigning access rights to entities in a software system.

Mitigation MIT-49
Architecture and Design

Strategy: Separation of Privilege

Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.

CAPEC-122: Privilege Abuse

An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.

CAPEC-233: Privilege Escalation

An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.

CAPEC-58: Restful Privilege Elevation

An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.