CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,838 vulnerabilities with CWE-269
CVE-2016-10010 HIGH
OpenSSH <7.4 - Privilege Escalation
CVSS 7.0
CVE-2016-3376 HIGH
Windows Kernel-Mode Drivers - Privilege Escalation via Crafted Application
CVSS 7.8
CVE-2016-2067 HIGH
Android < 6.0.1 and Linux Kernel 3.0-3.19.8 - Privilege Escalation via MSM GPU Driver Flag Mishandling
CVSS 7.8
CVE-2016-2066 HIGH
Linux kernel 3.x - Privilege Escalation
CVSS 7.8
CVE-2016-2061 HIGH
Linux kernel 3.x - Privilege Escalation
CVSS 7.8
CVE-2016-2059 HIGH
Linux kernel 3.x - Privilege Escalation/DoS
CVSS 7.0
CVE-2016-2854 HIGH
Linux Kernel 3.0.0-3.19.8 - Privilege Escalation via aufs POSIX ACL Handling
CVSS 7.8
CVE-2016-2853 HIGH
Linux Kernel 3.0.0-3.19.8 - Privilege Escalation via aufs and FUSE Mount Namespace Bypass
CVSS 7.8
CVE-2016-1575 HIGH
Linux kernel <4.5.2 - Privilege Escalation
CVSS 7.8
CVE-2016-0151 HIGH KEV
Windows 8.1, 10, RT 8.1, Server 2012 - Privilege Escalation via CSRSS Token Mismanagement
CVSS 7.8
CVE-2016-1572 HIGH
eCryptfs-utils - Privilege Escalation
CVSS 8.4
CVE-2015-10139 HIGH
WPLMS <1.8.4.1 - Privilege Escalation
CVSS 8.8
CVE-2015-4719 CRITICAL
Pexip Infinity < 10 - Improper Privilege Management via Client API Authentication
CVSS 9.8
CVE-2015-8032 MEDIUM
Textpattern <4.5.7 - Privilege Escalation
CVSS 5.3
CVE-2015-8534 HIGH
Lenovo Solution Center <3.3.002 - Privilege Escalation
CVSS 7.8
CVE-2015-7334 HIGH
Lenovo System Update < 5.07.0008 - Local Privilege Escalation via SUService.exe /type COMMAND
CVSS 7.8
CVE-2015-7333 HIGH
Lenovo System Update < 5.07.0008 - Local Privilege Escalation via SUService.exe Command Types
CVSS 7.8
CVE-2015-2909 CRITICAL
Dedicated Micros DV-IP Express SD Advanced SD EcoSense and DS2 - Unauthenticated Access via Default Credentials
CVSS 9.8
CVE-2015-3613 CRITICAL
FortiManager <5.2.1 & <5.0.10 - Info Disclosure
CVSS 9.8
CVE-2015-0949 HIGH
Dell Latitude E6430 BIOS A09 and HP EliteBook 850 G1 BIOS L71 Ver. 01.09 - Privilege Escalation via SMM SMRAM Bypass
CVSS 7.8
CVE-2015-5072 MEDIUM
BMC Remedy AR System Server - Authenticated Arbitrary File Read via BIRT Engine __imageid Parameter
CVSS 6.5
CVE-2015-5071 MEDIUM
BMC Remedy AR System Server - Authenticated Arbitrary File Read via BIRT Viewer __report Parameter
CVSS 6.5
CVE-2015-5466 HIGH
XGI WindowsXP Display Manager <6.14.10.1090 - Privilege Escalation
CVSS 7.8
CVE-2015-7556 HIGH
DeleGate 9.9.13 - Privilege Escalation
CVSS 7.8
CVE-2015-7831 HIGH
Cloudera Hue - Privilege Escalation
CVSS 8.8