Common Weakness Enumeration

CWE-269

Discouraged

Improper Privilege Management

Abstraction: Class · Status: Draft

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

5436 vulnerabilities reference this CWE, most recent first.

GHSA-P24W-FV79-9HFM

Vulnerability from github – Published: 2024-10-09 18:31 – Updated: 2024-10-15 18:30
VLAI
Details

A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with "Virtual system administrator (read-only)" access could use an XML API key of a "Virtual system administrator" to perform write operations on the virtual system configuration even though they should be limited to read-only operations.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-9471"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-09T17:15:21Z",
    "severity": "MODERATE"
  },
  "details": "A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with \"Virtual system administrator (read-only)\" access could use an XML API key of a \"Virtual system administrator\" to perform write operations on the virtual system configuration even though they should be limited to read-only operations.",
  "id": "GHSA-p24w-fv79-9hfm",
  "modified": "2024-10-15T18:30:49Z",
  "published": "2024-10-09T18:31:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9471"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2024-9471"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:L/U:Green",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-P26J-6C6C-JVP3

Vulnerability from github – Published: 2022-06-22 00:01 – Updated: 2022-06-29 00:00
VLAI
Details

A vulnerability has been found in Hindu Matrimonial Script and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/cms.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-20073"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-21T06:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been found in Hindu Matrimonial Script and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/cms.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-p26j-6c6c-jvp3",
  "modified": "2022-06-29T00:00:26Z",
  "published": "2022-06-22T00:01:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-20073"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.95413"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/41044"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P297-P5CX-35QX

Vulnerability from github – Published: 2025-09-04 12:30 – Updated: 2025-09-04 15:30
VLAI

{
  "affected": [],
  "aliases": [
    "CVE-2025-36904"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-04T10:42:30Z",
    "severity": "CRITICAL"
  },
  "details": "N/A",
  "id": "GHSA-p297-p5cx-35qx",
  "modified": "2025-09-04T15:30:28Z",
  "published": "2025-09-04T12:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36904"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/pixel/2025-09-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P2C8-Q49F-8F5V

Vulnerability from github – Published: 2023-05-06 00:30 – Updated: 2024-04-04 03:50
VLAI
Details

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-29350"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-05T23:15:09Z",
    "severity": "HIGH"
  },
  "details": "Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability",
  "id": "GHSA-p2c8-q49f-8f5v",
  "modified": "2024-04-04T03:50:00Z",
  "published": "2023-05-06T00:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29350"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29350"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202309-17"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P2J5-8C6Q-M7CW

Vulnerability from github – Published: 2022-05-13 01:43 – Updated: 2022-05-13 01:43
VLAI
Details

In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-13721"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-10-10T01:30:00Z",
    "severity": "MODERATE"
  },
  "details": "In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.",
  "id": "GHSA-p2j5-8c6q-m7cw",
  "modified": "2022-05-13T01:43:15Z",
  "published": "2022-05-13T01:43:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13721"
    },
    {
      "type": "WEB",
      "url": "https://cgit.freedesktop.org/xorg/xserver/commit/?id=b95f25af141d33a65f6f821ea9c003f66a01e1f1"
    },
    {
      "type": "WEB",
      "url": "https://lists.x.org/archives/xorg-announce/2017-October/002808.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201710-30"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2017/dsa-4000"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2017/10/04/10"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/101238"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P2MJ-G72Q-WQ82

Vulnerability from github – Published: 2022-05-24 17:15 – Updated: 2024-03-21 03:33
VLAI
Details

In IQrouter through 3.3.1, remote attackers can control the device (restart network, reboot, upgrade, reset) because of Incorrect Access Control.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-11967"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-862"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-04-21T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "In IQrouter through 3.3.1, remote attackers can control the device (restart network, reboot, upgrade, reset) because of Incorrect Access Control.",
  "id": "GHSA-p2mj-g72q-wq82",
  "modified": "2024-03-21T03:33:54Z",
  "published": "2022-05-24T17:15:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11967"
    },
    {
      "type": "WEB",
      "url": "https://evenroute.com"
    },
    {
      "type": "WEB",
      "url": "https://evenroute.zendesk.com/hc/en-us/articles/216107838-How-do-I-configure-an-IQrouter-"
    },
    {
      "type": "WEB",
      "url": "https://openwrt.org/docs/guide-quick-start/walkthrough_login"
    },
    {
      "type": "WEB",
      "url": "https://pastebin.com/grSCSBSu"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P2PH-JWV2-CRJM

Vulnerability from github – Published: 2022-05-24 19:05 – Updated: 2022-07-13 00:00
VLAI
Details

In shouldLockKeyguard of LockTaskController.java, there is a possible way to exit App Pinning without a PIN due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-176801033

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-0472"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-11T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "In shouldLockKeyguard of LockTaskController.java, there is a possible way to exit App Pinning without a PIN due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-176801033",
  "id": "GHSA-p2ph-jwv2-crjm",
  "modified": "2022-07-13T00:00:59Z",
  "published": "2022-05-24T19:05:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0472"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2021-05-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P2VR-QM33-HRFC

Vulnerability from github – Published: 2022-05-24 16:45 – Updated: 2024-04-04 00:28
VLAI
Details

A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-3805"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-364"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-03T20:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.",
  "id": "GHSA-p2vr-qm33-hrfc",
  "modified": "2024-04-04T00:28:34Z",
  "published": "2022-05-24T16:45:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3805"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:1106"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:1107"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:1108"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:1140"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:2413"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0727"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3805"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20190517-0004"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P2VX-QJ66-88Q3

Vulnerability from github – Published: 2023-12-12 03:31 – Updated: 2024-09-30 13:40
VLAI
Summary
Escalation of privileges in @sap/xssec
Details

SAP BTP Security Services Integration Library ([Node.js] @sap/xssec - versions < 3.6.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@sap/xssec"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.6.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-49583"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-639",
      "CWE-749"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-12-20T17:57:49Z",
    "nvd_published_at": "2023-12-12T02:15:07Z",
    "severity": "CRITICAL"
  },
  "details": "SAP\u00a0BTP\u00a0Security Services Integration Library ([Node.js] @sap/xssec - versions \u003c 3.6.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.\n\n",
  "id": "GHSA-p2vx-qj66-88q3",
  "modified": "2024-09-30T13:40:50Z",
  "published": "2023-12-12T03:31:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49583"
    },
    {
      "type": "WEB",
      "url": "https://blogs.sap.com/2023/12/12/unveiling-critical-security-updates-sap-btp-security-note-3411067"
    },
    {
      "type": "WEB",
      "url": "https://me.sap.com/notes/3411067"
    },
    {
      "type": "WEB",
      "url": "https://me.sap.com/notes/3412456"
    },
    {
      "type": "WEB",
      "url": "https://me.sap.com/notes/3413475"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/package/@sap/xssec"
    },
    {
      "type": "WEB",
      "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Escalation of privileges in @sap/xssec"
}

GHSA-P2WJ-VRPH-269R

Vulnerability from github – Published: 2022-05-13 01:50 – Updated: 2022-05-13 01:50
VLAI
Details

An issue was discovered in hitshop through 2014-07-15. There is an elevation-of-privilege vulnerability (that allows control over the whole web site) via the admin.php/user/add URI because a storekeeper account (which is supposed to have only privileges for commodity management) can add an administrator account.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-19853"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-12-04T09:29:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in hitshop through 2014-07-15. There is an elevation-of-privilege vulnerability (that allows control over the whole web site) via the admin.php/user/add URI because a storekeeper account (which is supposed to have only privileges for commodity management) can add an administrator account.",
  "id": "GHSA-p2wj-vrph-269r",
  "modified": "2022-05-13T01:50:53Z",
  "published": "2022-05-13T01:50:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19853"
    },
    {
      "type": "WEB",
      "url": "https://github.com/liu946/hitshop/issues/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-48
Architecture and Design

Strategy: Separation of Privilege

Follow the principle of least privilege when assigning access rights to entities in a software system.

Mitigation MIT-49
Architecture and Design

Strategy: Separation of Privilege

Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.

CAPEC-122: Privilege Abuse

An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.

CAPEC-233: Privilege Escalation

An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.

CAPEC-58: Restful Privilege Elevation

An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.