Common Weakness Enumeration

CWE-269

Discouraged

Improper Privilege Management

Abstraction: Class · Status: Draft

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

5455 vulnerabilities reference this CWE, most recent first.

CVE-2023-46145 (GCVE-0-2023-46145)

Vulnerability from cvelistv5 – Published: 2024-05-17 08:32 – Updated: 2026-04-28 16:08
VLAI
Title
WordPress Themify Ultra theme <= 7.3.5 - Authenticated Privilege Escalation vulnerability
Summary
Improper Privilege Management vulnerability in Themify Themify Ultra allows Privilege Escalation.This issue affects Themify Ultra: from n/a through 7.3.5.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
Themify Themify Ultra Affected: n/a , ≤ 7.3.5 (custom)
Create a notification for this product.
Credits
Rafie Muhammad (Patchstack)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-46145",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-17T17:11:03.932967Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:19.323Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:37:39.993Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "https://patchstack.com/database/vulnerability/themify-ultra/wordpress-themify-ultra-theme-7-3-3-authenticated-privilege-escalation-vulnerability?_s_id=cve"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Themify Ultra",
          "vendor": "Themify",
          "versions": [
            {
              "changes": [
                {
                  "at": "7.3.6",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "7.3.5",
              "status": "affected",
              "version": "n/a",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Rafie Muhammad (Patchstack)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Privilege Management vulnerability in Themify Themify Ultra allows Privilege Escalation.\u003cp\u003eThis issue affects Themify Ultra: from n/a through 7.3.5.\u003c/p\u003e"
            }
          ],
          "value": "Improper Privilege Management vulnerability in Themify Themify Ultra allows Privilege Escalation.This issue affects Themify Ultra: from n/a through 7.3.5."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-28T16:08:45.612Z",
        "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "shortName": "Patchstack"
      },
      "references": [
        {
          "tags": [
            "vdb-entry"
          ],
          "url": "https://patchstack.com/database/vulnerability/themify-ultra/wordpress-themify-ultra-theme-7-3-3-authenticated-privilege-escalation-vulnerability?_s_id=cve"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update to 7.3.6 or a higher version."
            }
          ],
          "value": "Update to 7.3.6 or a higher version."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "WordPress Themify Ultra theme \u003c= 7.3.5 - Authenticated Privilege Escalation vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
    "assignerShortName": "Patchstack",
    "cveId": "CVE-2023-46145",
    "datePublished": "2024-05-17T08:32:43.678Z",
    "dateReserved": "2023-10-17T09:06:01.054Z",
    "dateUpdated": "2026-04-28T16:08:45.612Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-45581 (GCVE-0-2023-45581)

Vulnerability from cvelistv5 – Published: 2024-02-15 13:59 – Updated: 2024-08-02 20:21
VLAI
Summary
An improper privilege management vulnerability [CWE-269] in Fortinet FortiClientEMS version 7.2.0 through 7.2.2 and before 7.0.10 allows an Site administrator with Super Admin privileges to perform global administrative operations affecting other sites via crafted HTTP or HTTPS requests.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Execute unauthorized code or commands
Assigner
References
Impacted products
Vendor Product Version
Fortinet FortiClientEMS Affected: 7.2.0 , ≤ 7.2.2 (semver)
Affected: 7.0.6 , ≤ 7.0.10 (semver)
Affected: 7.0.0 , ≤ 7.0.4 (semver)
Affected: 6.4.7 , ≤ 6.4.9 (semver)
Affected: 6.4.0 , ≤ 6.4.4 (semver)
Affected: 6.2.6 , ≤ 6.2.9 (semver)
Affected: 6.2.0 , ≤ 6.2.4 (semver)
Create a notification for this product.
fortinet forticlient_enterprise_management_server Affected: 6.2.0 , < 6.3 (custom)
Affected: 6.4.0 , < 6.5 (custom)
Affected: 7.0.0 , ≤ 7.0.4 (custom)
Affected: 7.0.6 , ≤ 7.0.10 (custom)
Affected: 7.2.0 , ≤ 7.2.2 (custom)
    cpe:2.3:a:fortinet:forticlient_enterprise_management_server:6.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:forticlient_enterprise_management_server:6.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:forticlient_enterprise_management_server:7.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:forticlient_enterprise_management_server:7.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:forticlient_enterprise_management_server:7.2.0:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:fortinet:forticlient_enterprise_management_server:6.2.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:fortinet:forticlient_enterprise_management_server:6.4.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:fortinet:forticlient_enterprise_management_server:7.0.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:fortinet:forticlient_enterprise_management_server:7.0.6:*:*:*:*:*:*:*",
              "cpe:2.3:a:fortinet:forticlient_enterprise_management_server:7.2.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "forticlient_enterprise_management_server",
            "vendor": "fortinet",
            "versions": [
              {
                "lessThan": "6.3",
                "status": "affected",
                "version": "6.2.0",
                "versionType": "custom"
              },
              {
                "lessThan": "6.5",
                "status": "affected",
                "version": "6.4.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.0.4",
                "status": "affected",
                "version": "7.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.0.10",
                "status": "affected",
                "version": "7.0.6",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.2.2",
                "status": "affected",
                "version": "7.2.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-45581",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-09T17:06:14.506422Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-09T17:08:17.614Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:21:16.534Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://fortiguard.com/psirt/FG-IR-23-357",
            "tags": [
              "x_transferred"
            ],
            "url": "https://fortiguard.com/psirt/FG-IR-23-357"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FortiClientEMS",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.2.2",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.10",
              "status": "affected",
              "version": "7.0.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.4",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.9",
              "status": "affected",
              "version": "6.4.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.4",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.9",
              "status": "affected",
              "version": "6.2.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.4",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper privilege management vulnerability [CWE-269] in Fortinet FortiClientEMS version 7.2.0 through 7.2.2 and before 7.0.10 allows an\u00a0Site administrator with Super Admin privileges to perform global administrative operations affecting other sites via crafted HTTP or HTTPS requests."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.9,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:U",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-15T13:59:23.728Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.com/psirt/FG-IR-23-357",
          "url": "https://fortiguard.com/psirt/FG-IR-23-357"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiClientEMS version 7.2.3 or above \nPlease upgrade to FortiClientEMS version 7.0.11 or above \n"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2023-45581",
    "datePublished": "2024-02-15T13:59:23.728Z",
    "dateReserved": "2023-10-09T08:01:29.296Z",
    "dateUpdated": "2024-08-02T20:21:16.534Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-45083 (GCVE-0-2023-45083)

Vulnerability from cvelistv5 – Published: 2023-12-05 16:15 – Updated: 2024-08-02 20:14
VLAI
Title
HyperCloud: "admin" and "serveradmin" users can be deleted
Summary
An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane. An authenticated admin-level user may be able to delete the "admin" or "serveradmin" users, which prevents authentication from subsequently succeeding. This issue affects HyperCloud versions 1.0 to any release before 2.1.
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
SoftIron HyperCloud Affected: 1.0 , < 2.1 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:14:19.769Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://advisories.softiron.cloud"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "HyperCloud",
          "vendor": "SoftIron",
          "versions": [
            {
              "lessThan": "2.1",
              "status": "affected",
              "version": "1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eAn Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eAn authenticated admin-level user may be able to delete the \"admin\" or \"serveradmin\" users, which prevents authentication from subsequently succeeding.\u003cbr\u003e\u003c/div\u003e\u003cp\u003eThis issue affects HyperCloud versions 1.0 to any release before 2.1.\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane.\n\nAn authenticated admin-level user may be able to delete the \"admin\" or \"serveradmin\" users, which prevents authentication from subsequently succeeding.\n\nThis issue affects HyperCloud versions 1.0 to any release before 2.1.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-212",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-212 Functionality Misuse"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-05T18:16:19.841Z",
        "orgId": "0a72a055-908d-47f5-a16a-1f09049c16c6",
        "shortName": "SoftIron"
      },
      "references": [
        {
          "url": "https://advisories.softiron.cloud"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "HyperCloud: \"admin\" and \"serveradmin\" users can be deleted",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "0a72a055-908d-47f5-a16a-1f09049c16c6",
    "assignerShortName": "SoftIron",
    "cveId": "CVE-2023-45083",
    "datePublished": "2023-12-05T16:15:07.027Z",
    "dateReserved": "2023-10-03T19:37:55.180Z",
    "dateUpdated": "2024-08-02T20:14:19.769Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-44250 (GCVE-0-2023-44250)

Vulnerability from cvelistv5 – Published: 2024-01-10 17:51 – Updated: 2024-11-14 17:25
VLAI
Summary
An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Execute unauthorized code or commands
Assigner
References
Impacted products
Vendor Product Version
Fortinet FortiOS Affected: 7.4.0 , ≤ 7.4.1 (semver)
Affected: 7.2.5
Create a notification for this product.
Fortinet FortiProxy Affected: 7.4.0 , ≤ 7.4.1 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:59:51.922Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://fortiguard.com/psirt/FG-IR-23-315",
            "tags": [
              "x_transferred"
            ],
            "url": "https://fortiguard.com/psirt/FG-IR-23-315"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-44250",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T17:24:51.505933Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T17:25:04.152Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FortiOS",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.4.1",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "7.2.5"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "FortiProxy",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.4.1",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-10T17:51:37.440Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.com/psirt/FG-IR-23-315",
          "url": "https://fortiguard.com/psirt/FG-IR-23-315"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiOS version 7.2.6 or above \nPlease upgrade to FortiProxy version 7.4.2 or above \n"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2023-44250",
    "datePublished": "2024-01-10T17:51:37.440Z",
    "dateReserved": "2023-09-27T12:26:48.750Z",
    "dateUpdated": "2024-11-14T17:25:04.152Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-44219 (GCVE-0-2023-44219)

Vulnerability from cvelistv5 – Published: 2023-10-27 07:22 – Updated: 2024-09-09 15:23
VLAI
Summary
A local privilege escalation vulnerability in SonicWall Directory Services Connector Windows MSI client 4.1.21 and earlier versions allows a local low-privileged user to gain system privileges through running the recovery feature.
Severity
No CVSS data available.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
SonicWall Directory Services Connector Affected: 4.1.21 and earlier versions
Create a notification for this product.
sonicwall directory_services_connector Affected: 0 , < 4.1.21 (custom)
    cpe:2.3:a:sonicwall:directory_services_connector:*:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2023-10-27 07:20
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:59:51.552Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0016"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:sonicwall:directory_services_connector:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "directory_services_connector",
            "vendor": "sonicwall",
            "versions": [
              {
                "lessThan": "4.1.21",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-44219",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-09T15:20:24.267411Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-09T15:23:15.042Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "platforms": [
            "Windows",
            "64 bit",
            "32 bit"
          ],
          "product": "Directory Services Connector",
          "vendor": "SonicWall",
          "versions": [
            {
              "status": "affected",
              "version": "4.1.21 and earlier versions"
            }
          ]
        }
      ],
      "datePublic": "2023-10-27T07:20:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A local privilege escalation vulnerability in SonicWall Directory Services Connector Windows MSI client 4.1.21 and earlier versions allows a local low-privileged user to gain system privileges through running the recovery feature."
            }
          ],
          "value": "A local privilege escalation vulnerability in SonicWall Directory Services Connector Windows MSI client 4.1.21 and earlier versions allows a local low-privileged user to gain system privileges through running the recovery feature."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-27T07:22:35.702Z",
        "orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
        "shortName": "sonicwall"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0016"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
    "assignerShortName": "sonicwall",
    "cveId": "CVE-2023-44219",
    "datePublished": "2023-10-27T07:22:35.702Z",
    "dateReserved": "2023-09-26T23:29:39.789Z",
    "dateUpdated": "2024-09-09T15:23:15.042Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-44217 (GCVE-0-2023-44217)

Vulnerability from cvelistv5 – Published: 2023-10-03 07:54 – Updated: 2024-09-20 18:42
VLAI
Summary
A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
SonicWall NetExtender Affected: 10.2.336 and earlier versions
Create a notification for this product.
sonicwall netextender Affected: 0 , ≤ 10.2.336 (custom)
    cpe:2.3:a:sonicwall:netextender:*:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2023-10-03 07:46
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:59:51.646Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0013"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:sonicwall:netextender:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "netextender",
            "vendor": "sonicwall",
            "versions": [
              {
                "lessThanOrEqual": "10.2.336",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-44217",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-20T18:40:56.967797Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-20T18:42:40.087Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "platforms": [
            "Windows"
          ],
          "product": "NetExtender",
          "vendor": "SonicWall",
          "versions": [
            {
              "status": "affected",
              "version": "10.2.336 and earlier versions"
            }
          ]
        }
      ],
      "datePublic": "2023-10-03T07:46:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality.\u003c/span\u003e\n\n"
            }
          ],
          "value": "\nA local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality.\n\n"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269: Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-03T07:54:14.937Z",
        "orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
        "shortName": "sonicwall"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0013"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
    "assignerShortName": "sonicwall",
    "cveId": "CVE-2023-44217",
    "datePublished": "2023-10-03T07:54:14.937Z",
    "dateReserved": "2023-09-26T23:29:39.789Z",
    "dateUpdated": "2024-09-20T18:42:40.087Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-44105 (GCVE-0-2023-44105)

Vulnerability from cvelistv5 – Published: 2023-10-11 12:06 – Updated: 2024-09-19 13:11
VLAI
Summary
Vulnerability of permissions not being strictly verified in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally.
Severity
No CVSS data available.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
Impacted products
Vendor Product Version
Huawei HarmonyOS Affected: 4.0.0
Affected: 3.1.0
Affected: 3.0.0
Affected: 2.1.0
Affected: 2.0.1
Affected: 2.0.0
Create a notification for this product.
Huawei EMUI Affected: 13.0.0
Affected: 12.0.1
Affected: 12.0.0
Affected: 11.0.1
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:59:50.815Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://consumer.huawei.com/en/support/bulletin/2023/10/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-44105",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-19T13:11:19.881014Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-19T13:11:26.607Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "HarmonyOS",
          "vendor": "Huawei",
          "versions": [
            {
              "status": "affected",
              "version": "4.0.0"
            },
            {
              "status": "affected",
              "version": "3.1.0"
            },
            {
              "status": "affected",
              "version": "3.0.0"
            },
            {
              "status": "affected",
              "version": "2.1.0"
            },
            {
              "status": "affected",
              "version": "2.0.1"
            },
            {
              "status": "affected",
              "version": "2.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "EMUI",
          "vendor": "Huawei",
          "versions": [
            {
              "status": "affected",
              "version": "13.0.0"
            },
            {
              "status": "affected",
              "version": "12.0.1"
            },
            {
              "status": "affected",
              "version": "12.0.0"
            },
            {
              "status": "affected",
              "version": "11.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Vulnerability of permissions not being strictly verified in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally."
            }
          ],
          "value": "Vulnerability of permissions not being strictly verified in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-11T12:06:03.840Z",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "url": "https://consumer.huawei.com/en/support/bulletin/2023/10/"
        },
        {
          "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2023-44105",
    "datePublished": "2023-10-11T12:06:03.840Z",
    "dateReserved": "2023-09-25T09:11:04.624Z",
    "dateUpdated": "2024-09-19T13:11:26.607Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-43664 (GCVE-0-2023-43664)

Vulnerability from cvelistv5 – Published: 2023-09-28 18:16 – Updated: 2024-09-20 19:26
VLAI
Title
Employee without any access rights can list all installed modules in Prestashop
Summary
PrestaShop is an Open Source e-commerce web application. In the Prestashop Back office interface, an employee can list all modules without any access rights: method `ajaxProcessGetPossibleHookingListForModule` doesn't check access rights. This issue has been addressed in commit `15bd281c` which is included in version 8.1.2. Users are advised to upgrade. There are no known workaround for this issue.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
PrestaShop PrestaShop Affected: < 8.1.2
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:44:43.845Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gvrg-62jp-rf7j",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gvrg-62jp-rf7j"
          },
          {
            "name": "https://github.com/PrestaShop/PrestaShop/commit/15bd281c18f032a5134a8d213b44d24829d45762",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/PrestaShop/PrestaShop/commit/15bd281c18f032a5134a8d213b44d24829d45762"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-43664",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-20T17:48:03.346969Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-20T19:26:46.506Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PrestaShop",
          "vendor": "PrestaShop",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 8.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "PrestaShop is an Open Source e-commerce web application. In the Prestashop Back office interface, an employee can list all modules without any access rights: method `ajaxProcessGetPossibleHookingListForModule` doesn\u0027t check access rights. This issue has been addressed in commit `15bd281c` which is included in version 8.1.2. Users are advised to upgrade. There are no known workaround for this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269: Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-28T18:16:57.658Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gvrg-62jp-rf7j",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gvrg-62jp-rf7j"
        },
        {
          "name": "https://github.com/PrestaShop/PrestaShop/commit/15bd281c18f032a5134a8d213b44d24829d45762",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/PrestaShop/PrestaShop/commit/15bd281c18f032a5134a8d213b44d24829d45762"
        }
      ],
      "source": {
        "advisory": "GHSA-gvrg-62jp-rf7j",
        "discovery": "UNKNOWN"
      },
      "title": "Employee without any access rights can list all installed modules in Prestashop"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-43664",
    "datePublished": "2023-09-28T18:16:57.658Z",
    "dateReserved": "2023-09-20T15:35:38.148Z",
    "dateUpdated": "2024-09-20T19:26:46.506Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-43663 (GCVE-0-2023-43663)

Vulnerability from cvelistv5 – Published: 2023-09-28 18:13 – Updated: 2024-09-20 19:32
VLAI
Title
Improper Privilege Management in Prestashop
Summary
PrestaShop is an Open Source e-commerce web application. In affected versions any module can be disabled or uninstalled from back office, even with low user right. This allows low privileged users to disable portions of a shops functionality. Commit `ce1f6708` addresses this issue and is included in version 8.1.2. Users are advised to upgrade. There are no known workarounds for this issue.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
PrestaShop PrestaShop Affected: < 8.1.2
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:44:43.764Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-6jmf-2pfc-q9m7",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-6jmf-2pfc-q9m7"
          },
          {
            "name": "https://github.com/PrestaShop/PrestaShop/commit/ce1f67083537194e974caf86c57e547a0aaa46cd",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/PrestaShop/PrestaShop/commit/ce1f67083537194e974caf86c57e547a0aaa46cd"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-43663",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-20T17:48:09.994728Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-20T19:32:29.398Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PrestaShop",
          "vendor": "PrestaShop",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 8.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "PrestaShop is an Open Source e-commerce web application. In affected versions any module can be disabled or uninstalled from back office, even with low user right. This allows low privileged users to disable portions of a shops functionality. Commit `ce1f6708` addresses this issue and is included in version 8.1.2. Users are advised to upgrade. There are no known workarounds for this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269: Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-28T18:13:49.216Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-6jmf-2pfc-q9m7",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-6jmf-2pfc-q9m7"
        },
        {
          "name": "https://github.com/PrestaShop/PrestaShop/commit/ce1f67083537194e974caf86c57e547a0aaa46cd",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/PrestaShop/PrestaShop/commit/ce1f67083537194e974caf86c57e547a0aaa46cd"
        }
      ],
      "source": {
        "advisory": "GHSA-6jmf-2pfc-q9m7",
        "discovery": "UNKNOWN"
      },
      "title": "Improper Privilege Management in Prestashop"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-43663",
    "datePublished": "2023-09-28T18:13:49.216Z",
    "dateReserved": "2023-09-20T15:35:38.148Z",
    "dateUpdated": "2024-09-20T19:32:29.398Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-41957 (GCVE-0-2023-41957)

Vulnerability from cvelistv5 – Published: 2024-05-17 06:56 – Updated: 2026-04-28 16:08
VLAI
Title
WordPress Simple Membership plugin <= 4.3.4 - Unauthenticated Membership Role Privilege Escalation vulnerability
Summary
Improper Privilege Management vulnerability in smp7, wp.Insider Simple Membership allows Privilege Escalation.This issue affects Simple Membership: from n/a through 4.3.4.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
smp7, wp.insider Simple Membership Affected: n/a , ≤ 4.3.4 (custom)
Create a notification for this product.
smp7_wpinsider simple_membership Affected: 0 , ≤ 4.3.4 (custom)
    cpe:2.3:a:smp7_wpinsider:simple_membership:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Rafie Muhammad (Patchstack)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:smp7_wpinsider:simple_membership:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "simple_membership",
            "vendor": "smp7_wpinsider",
            "versions": [
              {
                "lessThanOrEqual": "4.3.4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-41957",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-17T19:01:08.116372Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-05T20:52:58.051Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:09:49.437Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "https://patchstack.com/database/vulnerability/simple-membership/wordpress-simple-membership-plugin-4-3-4-unauthenticated-membership-role-privilege-escalation-vulnerability?_s_id=cve"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://wordpress.org/plugins",
          "defaultStatus": "unaffected",
          "packageName": "simple-membership",
          "product": "Simple Membership",
          "vendor": "smp7, wp.insider",
          "versions": [
            {
              "changes": [
                {
                  "at": "4.3.5",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "4.3.4",
              "status": "affected",
              "version": "n/a",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Rafie Muhammad (Patchstack)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Privilege Management vulnerability in smp7, wp.Insider Simple Membership allows Privilege Escalation.\u003cp\u003eThis issue affects Simple Membership: from n/a through 4.3.4.\u003c/p\u003e"
            }
          ],
          "value": "Improper Privilege Management vulnerability in smp7, wp.Insider Simple Membership allows Privilege Escalation.This issue affects Simple Membership: from n/a through 4.3.4."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-28T16:08:39.554Z",
        "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "shortName": "Patchstack"
      },
      "references": [
        {
          "tags": [
            "vdb-entry"
          ],
          "url": "https://patchstack.com/database/vulnerability/simple-membership/wordpress-simple-membership-plugin-4-3-4-unauthenticated-membership-role-privilege-escalation-vulnerability?_s_id=cve"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update to 4.3.5 or a higher version."
            }
          ],
          "value": "Update to 4.3.5 or a higher version."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "WordPress Simple Membership plugin \u003c= 4.3.4 - Unauthenticated Membership Role Privilege Escalation vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
    "assignerShortName": "Patchstack",
    "cveId": "CVE-2023-41957",
    "datePublished": "2024-05-17T06:56:37.793Z",
    "dateReserved": "2023-09-06T08:46:20.964Z",
    "dateUpdated": "2026-04-28T16:08:39.554Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-48
Architecture and Design

Strategy: Separation of Privilege

Follow the principle of least privilege when assigning access rights to entities in a software system.

Mitigation MIT-49
Architecture and Design

Strategy: Separation of Privilege

Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.

CAPEC-122: Privilege Abuse

An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.

CAPEC-233: Privilege Escalation

An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.

CAPEC-58: Restful Privilege Elevation

An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.