CWE-269
DiscouragedImproper Privilege Management
Abstraction: Class · Status: Draft
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
5433 vulnerabilities reference this CWE, most recent first.
GHSA-MQ24-Q99R-6FPW
Vulnerability from github – Published: 2022-05-24 22:00 – Updated: 2024-04-04 03:06MISP before 2.4.115 allows privilege escalation in certain situations. After updating to 2.4.115, escalation attempts are blocked by the __checkLoggedActions function with a "This could be an indication of an attempted privilege escalation on older vulnerable versions of MISP (<2.4.115)" message.
{
"affected": [],
"aliases": [
"CVE-2019-16202"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-09-10T14:15:00Z",
"severity": "MODERATE"
},
"details": "MISP before 2.4.115 allows privilege escalation in certain situations. After updating to 2.4.115, escalation attempts are blocked by the __checkLoggedActions function with a \"This could be an indication of an attempted privilege escalation on older vulnerable versions of MISP (\u003c2.4.115)\" message.",
"id": "GHSA-mq24-q99r-6fpw",
"modified": "2024-04-04T03:06:55Z",
"published": "2022-05-24T22:00:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16202"
},
{
"type": "WEB",
"url": "https://github.com/MISP/MISP/commit/75acd63c46506ad404764c3a3de7d4ca11d0560f"
},
{
"type": "WEB",
"url": "https://excellium-services.com/cert-xlm-advisory/cve-2019-16202"
},
{
"type": "WEB",
"url": "https://github.com/MISP/MISP/compare/v2.4.114...v2.4.115"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MQ4X-R2W3-J7MR
Vulnerability from github – Published: 2024-03-11 21:25 – Updated: 2025-01-07 18:36Impact
ZITADEL uses a cookie to identify the user agent (browser) and its user sessions.
Although the cookie was handled according to best practices, it was accessible on subdomains of the ZITADEL instance. An attacker could take advantage of this and provide a malicious link hosted on the subdomain to the user to gain access to the victim’s account in certain scenarios. A possible victim would need to login through the malicious link for this exploit to work.
If the possible victim already had the cookie present, the attack would not succeed. The attack would further only be possible if there was an initial vulnerability on the subdomain. This could either be the attacker being able to control DNS or a XSS vulnerability in an application hosted on a subdomain.
Patches
2.x versions are fixed on >= 2.46.0 2.45.x versions are fixed on >= 2.45.1 2.44.x versions are fixed on >= 2.44.3
ZITADEL recommends upgrading to the latest versions available in due course.
Note that applying the patch will invalidate the current cookie and thus users will need to start a new session and existing sessions (user selection) will be empty.
Workarounds
For self-hosted environments unable to upgrade to a patched version, prevent setting the following cookie name on subdomains of your ZITADEL instance (e.g. within your WAF): __Secure-zitadel-useragent
References
None
Questions
If you have any questions or comments about this advisory, please email us at security@zitadel.com
Credits
Thanks to Amit Laish – GE Vernova for finding and reporting the vulnerability.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/zitadel/zitadel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.44.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/zitadel/zitadel"
},
"ranges": [
{
"events": [
{
"introduced": "2.45.0"
},
{
"fixed": "2.45.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-28197"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-384"
],
"github_reviewed": true,
"github_reviewed_at": "2024-03-11T21:25:52Z",
"nvd_published_at": "2024-03-11T20:15:07Z",
"severity": "HIGH"
},
"details": "### Impact\nZITADEL uses a cookie to identify the user agent (browser) and its user sessions. \n\nAlthough the cookie was handled according to best practices, it was accessible on subdomains of the ZITADEL instance. An attacker could take advantage of this and provide a malicious link hosted on the subdomain to the user to gain access to the victim\u2019s account in certain scenarios. \nA possible victim would need to login through the malicious link for this exploit to work. \n\nIf the possible victim already had the cookie present, the attack would not succeed. The attack would further only be possible if there was an initial vulnerability on the subdomain. This could either be the attacker being able to control DNS or a XSS vulnerability in an application hosted on a subdomain.\n\n### Patches\n2.x versions are fixed on \u003e= [2.46.0](https://github.com/zitadel/zitadel/releases/tag/v2.46.0)\n2.45.x versions are fixed on \u003e= [2.45.1](https://github.com/zitadel/zitadel/releases/tag/v2.45.1)\n2.44.x versions are fixed on \u003e= [2.44.3](https://github.com/zitadel/zitadel/releases/tag/v2.44.3)\n\nZITADEL recommends upgrading to the latest versions available in due course.\n\nNote that applying the patch will invalidate the current cookie and thus users will need to start a new session and existing sessions (user selection) will be empty.\n\n### Workarounds\nFor self-hosted environments unable to upgrade to a patched version, prevent setting the following cookie name on subdomains of your ZITADEL instance (e.g. within your WAF): `__Secure-zitadel-useragent`\n\n### References\nNone\n\n### Questions\nIf you have any questions or comments about this advisory, please email us at [security@zitadel.com](mailto:security@zitadel.com)\n\n### Credits\nThanks to Amit Laish \u2013 GE Vernova for finding and reporting the vulnerability.",
"id": "GHSA-mq4x-r2w3-j7mr",
"modified": "2025-01-07T18:36:00Z",
"published": "2024-03-11T21:25:52Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-mq4x-r2w3-j7mr"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28197"
},
{
"type": "WEB",
"url": "https://github.com/zitadel/zitadel/commit/d4c553b75a214e41299af010ef4b26174a0f802c"
},
{
"type": "WEB",
"url": "https://github.com/zitadel/zitadel/commit/e82cb51eb819c6cdba8123c9c34c5739b46b29eb"
},
{
"type": "PACKAGE",
"url": "https://github.com/zitadel/zitadel"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Account Takeover via Session Fixation in Zitadel [Bypassing MFA]"
}
GHSA-MQC2-2JGQ-8887
Vulnerability from github – Published: 2022-07-13 00:00 – Updated: 2022-07-13 00:00Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22047, CVE-2022-22049.
{
"affected": [],
"aliases": [
"CVE-2022-22026"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-12T23:15:00Z",
"severity": "HIGH"
},
"details": "Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22047, CVE-2022-22049.",
"id": "GHSA-mqc2-2jgq-8887",
"modified": "2022-07-13T00:00:40Z",
"published": "2022-07-13T00:00:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22026"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22026"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22026"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/168068/Windows-sxs-CNodeFactory-XMLParser_Element_doc_assembly_assemblyIdentity-Heap-Buffer-Overflow.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MQF4-W45Q-79WW
Vulnerability from github – Published: 2024-05-17 09:31 – Updated: 2024-05-17 09:31Improper Privilege Management vulnerability in Wholesale WholesaleX allows Privilege Escalation.This issue affects WholesaleX: from n/a through 1.3.2.
{
"affected": [],
"aliases": [
"CVE-2024-30542"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-17T09:15:31Z",
"severity": "CRITICAL"
},
"details": "Improper Privilege Management vulnerability in Wholesale WholesaleX allows Privilege Escalation.This issue affects WholesaleX: from n/a through 1.3.2.",
"id": "GHSA-mqf4-w45q-79ww",
"modified": "2024-05-17T09:31:02Z",
"published": "2024-05-17T09:31:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30542"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/vulnerability/wholesalex/wordpress-wholesalex-plugin-1-3-2-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MQFW-6FJ5-2HHJ
Vulnerability from github – Published: 2023-01-11 00:30 – Updated: 2023-01-11 00:30Windows GDI Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21532.
{
"affected": [],
"aliases": [
"CVE-2023-21552"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-01-10T22:15:00Z",
"severity": "HIGH"
},
"details": "Windows GDI Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21532.",
"id": "GHSA-mqfw-6fj5-2hhj",
"modified": "2023-01-11T00:30:47Z",
"published": "2023-01-11T00:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21552"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21552"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-21552"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MQJ9-7X6G-MR5P
Vulnerability from github – Published: 2022-05-13 01:48 – Updated: 2022-05-13 01:48A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. Affected releases are all versions of Junos Space Security Director prior to 17.2R1.
{
"affected": [],
"aliases": [
"CVE-2018-0010"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-01-10T22:29:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. Affected releases are all versions of Junos Space Security Director prior to 17.2R1.",
"id": "GHSA-mqj9-7x6g-mr5p",
"modified": "2022-05-13T01:48:17Z",
"published": "2022-05-13T01:48:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0010"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA10840"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MQPW-46FH-299H
Vulnerability from github – Published: 2026-02-17 21:39 – Updated: 2026-03-06 01:02Summary
What this means (plain language)
If you give a client “chat/write” access to the gateway (operator.write) but you do not intend to let that client approve exec requests (operator.approvals), affected versions could still let that client approve/deny a pending exec approval by sending the /approve chat command.
This is mainly relevant for shared or multi-client setups where different tokens are intentionally scoped differently. Single-operator installs are typically less impacted.
Technical summary
A gateway client authenticated with a device token scoped only to operator.write (without operator.approvals) could approve/deny pending exec approval requests by sending a chat message containing the built-in /approve command.
exec.approval.resolve is correctly scoped to operator.approvals for direct RPC calls, but the /approve command path invoked it via an internal privileged gateway client.
Affected Packages / Versions
openclaw(npm):< 2026.2.2
Fix
- Fixed in
openclaw2026.2.2. - Fix commit(s):
efe2a464afcff55bb5a95b959e6bd9ec0fef086e. - Change: when
/approveis invoked from gateway clients (webchat/internal channel), it now requires the requesting client to haveoperator.approvals(oroperator.admin).
Workarounds
- Upgrade to
openclaw >= 2026.2.2. - If you cannot upgrade: avoid issuing write-only device tokens to untrusted clients; disable text commands (
commands.text=false) or restrict access to the webchat/control UI.
References
- Fix:
src/auto-reply/reply/commands-approve.ts - Coverage:
src/auto-reply/reply/commands-approve.test.ts
Release Process Note
This advisory is kept in draft; once the fixed npm versions are available, it can be published without further edits.
Thanks @yueyueL for reporting.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "openclaw"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2026.2.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-28473"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-17T21:39:11Z",
"nvd_published_at": "2026-03-05T22:16:21Z",
"severity": "HIGH"
},
"details": "## Summary\n\n### What this means (plain language)\n\nIf you give a client \u201cchat/write\u201d access to the gateway (`operator.write`) but you do not intend to let that client approve exec requests (`operator.approvals`), affected versions could still let that client approve/deny a pending exec approval by sending the `/approve` chat command.\n\nThis is mainly relevant for shared or multi-client setups where different tokens are intentionally scoped differently. Single-operator installs are typically less impacted.\n\n### Technical summary\n\nA gateway client authenticated with a device token scoped only to `operator.write` (without `operator.approvals`) could approve/deny pending exec approval requests by sending a chat message containing the built-in `/approve` command.\n\n`exec.approval.resolve` is correctly scoped to `operator.approvals` for direct RPC calls, but the `/approve` command path invoked it via an internal privileged gateway client.\n\n## Affected Packages / Versions\n\n- `openclaw` (npm): `\u003c 2026.2.2`\n\n## Fix\n\n- Fixed in `openclaw` `2026.2.2`.\n- Fix commit(s): `efe2a464afcff55bb5a95b959e6bd9ec0fef086e`.\n- Change: when `/approve` is invoked from gateway clients (webchat/internal channel), it now requires the requesting client to have `operator.approvals` (or `operator.admin`).\n\n## Workarounds\n\n- Upgrade to `openclaw \u003e= 2026.2.2`.\n- If you cannot upgrade: avoid issuing write-only device tokens to untrusted clients; disable text commands (`commands.text=false`) or restrict access to the webchat/control UI.\n\n## References\n\n- Fix: `src/auto-reply/reply/commands-approve.ts`\n- Coverage: `src/auto-reply/reply/commands-approve.test.ts`\n\n## Release Process Note\n\nThis advisory is kept in draft; once the fixed npm versions are available, it can be published without further edits.\n\nThanks @yueyueL for reporting.",
"id": "GHSA-mqpw-46fh-299h",
"modified": "2026-03-06T01:02:19Z",
"published": "2026-02-17T21:39:11Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-mqpw-46fh-299h"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28473"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/efe2a464afcff55bb5a95b959e6bd9ec0fef086e"
},
{
"type": "PACKAGE",
"url": "https://github.com/openclaw/openclaw"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/openclaw-authorization-bypass-via-approve-chat-command"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "OpenClaw authorization bypass: operator.write can resolve exec approvals via chat.send -\u003e /approve"
}
GHSA-MQR4-3RMW-X22W
Vulnerability from github – Published: 2026-06-17 18:35 – Updated: 2026-06-17 18:35Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core). Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise Command Center Framework. While the vulnerability is in Oracle Enterprise Command Center Framework, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Enterprise Command Center Framework. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
{
"affected": [],
"aliases": [
"CVE-2026-46895"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-17T10:54:07Z",
"severity": "CRITICAL"
},
"details": "Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core). Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise Command Center Framework. While the vulnerability is in Oracle Enterprise Command Center Framework, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Enterprise Command Center Framework. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).",
"id": "GHSA-mqr4-3rmw-x22w",
"modified": "2026-06-17T18:35:35Z",
"published": "2026-06-17T18:35:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46895"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cspujun2026.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MR34-2X5P-4CW8
Vulnerability from github – Published: 2024-01-10 18:30 – Updated: 2024-01-10 18:30An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.
{
"affected": [],
"aliases": [
"CVE-2023-44250"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-10T18:15:46Z",
"severity": "HIGH"
},
"details": "An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.",
"id": "GHSA-mr34-2x5p-4cw8",
"modified": "2024-01-10T18:30:28Z",
"published": "2024-01-10T18:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44250"
},
{
"type": "WEB",
"url": "https://fortiguard.com/psirt/FG-IR-23-315"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MR3W-2MCQ-243C
Vulnerability from github – Published: 2022-01-07 00:00 – Updated: 2022-04-13 00:01An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. The software SMI handler allows untrusted external input because it does not verify CommBuffer.
{
"affected": [],
"aliases": [
"CVE-2020-5956"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-05T23:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. The software SMI handler allows untrusted external input because it does not verify CommBuffer.",
"id": "GHSA-mr3w-2mcq-243c",
"modified": "2022-04-13T00:01:13Z",
"published": "2022-01-07T00:00:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5956"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20220223-0001"
},
{
"type": "WEB",
"url": "https://www.insyde.com/security-pledge"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-48
Strategy: Separation of Privilege
Follow the principle of least privilege when assigning access rights to entities in a software system.
Mitigation MIT-49
Strategy: Separation of Privilege
Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
CAPEC-122: Privilege Abuse
An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-58: Restful Privilege Elevation
An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.