CWE-269
DiscouragedImproper Privilege Management
Abstraction: Class · Status: Draft
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
5436 vulnerabilities reference this CWE, most recent first.
GHSA-P24W-FV79-9HFM
Vulnerability from github – Published: 2024-10-09 18:31 – Updated: 2024-10-15 18:30A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with "Virtual system administrator (read-only)" access could use an XML API key of a "Virtual system administrator" to perform write operations on the virtual system configuration even though they should be limited to read-only operations.
{
"affected": [],
"aliases": [
"CVE-2024-9471"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-09T17:15:21Z",
"severity": "MODERATE"
},
"details": "A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with \"Virtual system administrator (read-only)\" access could use an XML API key of a \"Virtual system administrator\" to perform write operations on the virtual system configuration even though they should be limited to read-only operations.",
"id": "GHSA-p24w-fv79-9hfm",
"modified": "2024-10-15T18:30:49Z",
"published": "2024-10-09T18:31:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9471"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2024-9471"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:L/U:Green",
"type": "CVSS_V4"
}
]
}
GHSA-P26J-6C6C-JVP3
Vulnerability from github – Published: 2022-06-22 00:01 – Updated: 2022-06-29 00:00A vulnerability has been found in Hindu Matrimonial Script and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/cms.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2017-20073"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-21T06:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability has been found in Hindu Matrimonial Script and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/cms.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-p26j-6c6c-jvp3",
"modified": "2022-06-29T00:00:26Z",
"published": "2022-06-22T00:01:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-20073"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.95413"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/41044"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P297-P5CX-35QX
Vulnerability from github – Published: 2025-09-04 12:30 – Updated: 2025-09-04 15:30{
"affected": [],
"aliases": [
"CVE-2025-36904"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-04T10:42:30Z",
"severity": "CRITICAL"
},
"details": "N/A",
"id": "GHSA-p297-p5cx-35qx",
"modified": "2025-09-04T15:30:28Z",
"published": "2025-09-04T12:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36904"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2025-09-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P2C8-Q49F-8F5V
Vulnerability from github – Published: 2023-05-06 00:30 – Updated: 2024-04-04 03:50Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2023-29350"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-05T23:15:09Z",
"severity": "HIGH"
},
"details": "Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability",
"id": "GHSA-p2c8-q49f-8f5v",
"modified": "2024-04-04T03:50:00Z",
"published": "2023-05-06T00:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29350"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29350"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202309-17"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P2J5-8C6Q-M7CW
Vulnerability from github – Published: 2022-05-13 01:43 – Updated: 2022-05-13 01:43In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.
{
"affected": [],
"aliases": [
"CVE-2017-13721"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-10-10T01:30:00Z",
"severity": "MODERATE"
},
"details": "In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.",
"id": "GHSA-p2j5-8c6q-m7cw",
"modified": "2022-05-13T01:43:15Z",
"published": "2022-05-13T01:43:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13721"
},
{
"type": "WEB",
"url": "https://cgit.freedesktop.org/xorg/xserver/commit/?id=b95f25af141d33a65f6f821ea9c003f66a01e1f1"
},
{
"type": "WEB",
"url": "https://lists.x.org/archives/xorg-announce/2017-October/002808.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201710-30"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-4000"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/10/04/10"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101238"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P2MJ-G72Q-WQ82
Vulnerability from github – Published: 2022-05-24 17:15 – Updated: 2024-03-21 03:33In IQrouter through 3.3.1, remote attackers can control the device (restart network, reboot, upgrade, reset) because of Incorrect Access Control.
{
"affected": [],
"aliases": [
"CVE-2020-11967"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-04-21T13:15:00Z",
"severity": "HIGH"
},
"details": "In IQrouter through 3.3.1, remote attackers can control the device (restart network, reboot, upgrade, reset) because of Incorrect Access Control.",
"id": "GHSA-p2mj-g72q-wq82",
"modified": "2024-03-21T03:33:54Z",
"published": "2022-05-24T17:15:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11967"
},
{
"type": "WEB",
"url": "https://evenroute.com"
},
{
"type": "WEB",
"url": "https://evenroute.zendesk.com/hc/en-us/articles/216107838-How-do-I-configure-an-IQrouter-"
},
{
"type": "WEB",
"url": "https://openwrt.org/docs/guide-quick-start/walkthrough_login"
},
{
"type": "WEB",
"url": "https://pastebin.com/grSCSBSu"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P2PH-JWV2-CRJM
Vulnerability from github – Published: 2022-05-24 19:05 – Updated: 2022-07-13 00:00In shouldLockKeyguard of LockTaskController.java, there is a possible way to exit App Pinning without a PIN due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-176801033
{
"affected": [],
"aliases": [
"CVE-2021-0472"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-11T17:15:00Z",
"severity": "HIGH"
},
"details": "In shouldLockKeyguard of LockTaskController.java, there is a possible way to exit App Pinning without a PIN due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-176801033",
"id": "GHSA-p2ph-jwv2-crjm",
"modified": "2022-07-13T00:00:59Z",
"published": "2022-05-24T19:05:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0472"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2021-05-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P2VR-QM33-HRFC
Vulnerability from github – Published: 2022-05-24 16:45 – Updated: 2024-04-04 00:28A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.
{
"affected": [],
"aliases": [
"CVE-2019-3805"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-364"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-05-03T20:29:00Z",
"severity": "MODERATE"
},
"details": "A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.",
"id": "GHSA-p2vr-qm33-hrfc",
"modified": "2024-04-04T00:28:34Z",
"published": "2022-05-24T16:45:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3805"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:2413"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0727"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3805"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20190517-0004"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P2VX-QJ66-88Q3
Vulnerability from github – Published: 2023-12-12 03:31 – Updated: 2024-09-30 13:40SAP BTP Security Services Integration Library ([Node.js] @sap/xssec - versions < 3.6.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "@sap/xssec"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-49583"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-639",
"CWE-749"
],
"github_reviewed": true,
"github_reviewed_at": "2023-12-20T17:57:49Z",
"nvd_published_at": "2023-12-12T02:15:07Z",
"severity": "CRITICAL"
},
"details": "SAP\u00a0BTP\u00a0Security Services Integration Library ([Node.js] @sap/xssec - versions \u003c 3.6.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.\n\n",
"id": "GHSA-p2vx-qj66-88q3",
"modified": "2024-09-30T13:40:50Z",
"published": "2023-12-12T03:31:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49583"
},
{
"type": "WEB",
"url": "https://blogs.sap.com/2023/12/12/unveiling-critical-security-updates-sap-btp-security-note-3411067"
},
{
"type": "WEB",
"url": "https://me.sap.com/notes/3411067"
},
{
"type": "WEB",
"url": "https://me.sap.com/notes/3412456"
},
{
"type": "WEB",
"url": "https://me.sap.com/notes/3413475"
},
{
"type": "WEB",
"url": "https://www.npmjs.com/package/@sap/xssec"
},
{
"type": "WEB",
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Escalation of privileges in @sap/xssec"
}
GHSA-P2WJ-VRPH-269R
Vulnerability from github – Published: 2022-05-13 01:50 – Updated: 2022-05-13 01:50An issue was discovered in hitshop through 2014-07-15. There is an elevation-of-privilege vulnerability (that allows control over the whole web site) via the admin.php/user/add URI because a storekeeper account (which is supposed to have only privileges for commodity management) can add an administrator account.
{
"affected": [],
"aliases": [
"CVE-2018-19853"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-04T09:29:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in hitshop through 2014-07-15. There is an elevation-of-privilege vulnerability (that allows control over the whole web site) via the admin.php/user/add URI because a storekeeper account (which is supposed to have only privileges for commodity management) can add an administrator account.",
"id": "GHSA-p2wj-vrph-269r",
"modified": "2022-05-13T01:50:53Z",
"published": "2022-05-13T01:50:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19853"
},
{
"type": "WEB",
"url": "https://github.com/liu946/hitshop/issues/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-48
Strategy: Separation of Privilege
Follow the principle of least privilege when assigning access rights to entities in a software system.
Mitigation MIT-49
Strategy: Separation of Privilege
Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
CAPEC-122: Privilege Abuse
An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-58: Restful Privilege Elevation
An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.