CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,829 vulnerabilities with CWE-269
CVE-2024-58104 HIGH
Trend Micro Apex One - Local Privilege Escalation via Security Agent Plug-in UI Manager
CVSS 7.3
CVE-2024-53350 HIGH
kubeslice < 1.3.1 - Improper Privilege Management via Service Account Token Access
CVSS 7.4
CVE-2024-53349 HIGH
Kuadrant < 0.11.3 - Privilege Escalation via Insecure Service Account Token Permissions
CVSS 7.4
CVE-2024-48828 MEDIUM
Dell SmartFabric OS10 10.5.4.0-10.5.4.13, 10.5.5.x, 10.5.6.x, 10.6.0.x - Improper Privilege Management
CVSS 5.5
CVE-2024-13376 HIGH
Industrial theme <1.7.8 - Privilege Escalation
CVSS 8.8
CVE-2024-57062 MEDIUM
SoundCloud iOS <7.65.2 - Privilege Escalation
CVSS 6.7
CVE-2024-54560 MEDIUM
iPadOS < 18.0 - Improper Privilege Management
CVSS 5.5
CVE-2024-13835 HIGH
Post Meta Data Manager <= 1.4.4 - Authenticated Multisite Privilege Escalation
CVSS 7.2
CVE-2024-12281 CRITICAL
Homey theme <2.4.2 - Privilege Escalation
CVSS 9.8
CVE-2024-11951 CRITICAL
Homey Login Register <2.4.0 - Privilege Escalation
CVSS 9.8
CVE-2024-24778 MEDIUM
Apache StreamPipes <0.97.0 - Privilege Escalation
CVSS 6.5
CVE-2024-8420 CRITICAL
DHVC Form <2.4.7 - Privilege Escalation
CVSS 9.8
CVE-2024-36046 CRITICAL
Infoblox NIOS <8.6.4 - Privilege Escalation
CVSS 9.8
CVE-2024-2297 HIGH
Bricks theme <1.9.6.1 - Privilege Escalation
CVSS 7.1
CVE-2024-30150 MEDIUM
HCL MyCloud - Unauthenticated Privilege Escalation and Information Disclosure
CVSS 5.3
CVE-2024-12284 HIGH
NetScaler Console and NetScaler Agent 13.1-4.43-13.1-56.18 - Authenticated Privilege Escalation
CVSS 8.8
CVE-2024-57778 HIGH
Orbe ONetView Roeador Onet-1200 - Privilege Escalation
CVSS 8.8
CVE-2024-57602 CRITICAL
EasyAppointments 1.5.0 - Privilege Escalation via index.php
CVSS 9.8
CVE-2024-51324 LOW
Baidu Antivirus <5.2.3.116083 - RCE
CVSS 3.8
CVE-2024-21966 HIGH
AMD Ryzen Master Utility - Privilege Escalation
CVSS 7.3
CVE-2024-11467 HIGH
Omnissa Horizon Client - Privilege Escalation
CVSS 7.8
CVE-2024-47770 MEDIUM
Wazuh <4.9.1 - Privilege Escalation
CVSS 4.6
CVE-2024-13343 HIGH
WooCommerce Customers Manager <31.3 - Privilege Escalation
CVSS 8.8
CVE-2024-43446 LOW
OTRS 7.0.x-8.0.x, 2023.x-2024.x & Community Edition 6.0.x - Privilege Escalation in Generic Interface
CVSS 3.5
CVE-2024-11218 HIGH
buildah >=1.38.0 <1.38.1 - Container Breakout via Race Condition in --jobs=2
CVSS 8.6