CWE-269

Exploit likelihood: Medium

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,838 vulnerabilities with CWE-269
CVE-2017-20069 MEDIUM
Hindu Matrimonial Script - Privilege Escalation
CVSS 6.3
CVE-2017-20068 MEDIUM
Hindu Matrimonial Script - Privilege Escalation
CVSS 6.3
CVE-2017-20063 MEDIUM
Elefant CMS <1.3.13 - Privilege Escalation
CVSS 6.3
CVE-2017-20049 CRITICAL
Axis Devices - Privilege Escalation
CVSS 9.8
CVE-2017-20038 MEDIUM
SICUNET Access Controller <0.32-05z - Privilege Escalation
CVSS 6.3
CVE-2017-20037 MEDIUM
SICUNET Access Controller <0.32-05z - Privilege Escalation
CVSS 6.3
CVE-2017-20028 MEDIUM
HumHub <1.0.0 - Privilege Escalation
CVSS 5.6
CVE-2017-20025 HIGH
Solare Solar-Log <3.5.2-85 - Privilege Escalation
CVSS 7.3
CVE-2017-20023 MEDIUM
Solare Solar-Log <3.5.2-85 - Privilege Escalation
CVSS 6.3
CVE-2017-20021 MEDIUM
Solare Solar-Log <3.5.2-85 - Privilege Escalation
CVSS 6.5
CVE-2017-20002 HIGH
Debian shadow <4.5-1 - Privilege Escalation
CVSS 7.8
CVE-2017-18885 CRITICAL
Mattermost Server <4.3.0-4.1.2 - Privilege Escalation
CVSS 9.8
CVE-2017-18884 HIGH
Mattermost Server <4.3.0-4.1.2 - Privilege Escalation
CVSS 8.1
CVE-2017-18837 HIGH
NETGEAR devices <12.0.2.15 - Privilege Escalation
CVSS 7.8
CVE-2017-18830 HIGH
NETGEAR devices <12.0.2.15 - Privilege Escalation
CVSS 7.8
CVE-2017-18829 HIGH
NETGEAR devices <12.0.2.15 - Privilege Escalation
CVSS 7.8
CVE-2017-18826 HIGH
NETGEAR devices <12.0.2.15 - Privilege Escalation
CVSS 7.8
CVE-2017-18822 HIGH
NETGEAR devices <12.0.2.15 - Privilege Escalation
CVSS 7.8
CVE-2017-18838 HIGH
NETGEAR devices <12.0.2.15 - Privilege Escalation
CVSS 7.8
CVE-2017-7399 HIGH
Cloudera Manager <5.8.5-5.10.1 - Info Disclosure
CVSS 8.8
CVE-2017-18596 HIGH
Elementor <1.8.0 - Privilege Escalation
CVSS 8.8
CVE-2017-17544 HIGH
Fortinet FortiOS <5.4.0, 5.6.0-5.6.10, 6.0.0-6.0.6 Privilege Escalation via Config Restore
CVSS 7.2
CVE-2017-6924 HIGH
Drupal 8.0.0-8.3.6 - Improper Privilege Management via REST API Comment Approval
CVSS 7.4
CVE-2017-2662 MEDIUM
Katello 3.4.5 - Improper Privilege Management via Hammer Repository ID
CVSS 4.3
CVE-2017-2672 MEDIUM
Foreman < 1.15 - Unprotected Credential Exposure in Image Provisioning Logs
CVSS 6.5