CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,832 vulnerabilities with CWE-269
CVE-2023-5978 HIGH
FreeBSD 13.0-13.2 - Improper Privilege Management in cap_net libcasper Service
CVSS 7.5
CVE-2023-46771 HIGH
Face Unlock Module - Info Disclosure
CVSS 7.5
CVE-2023-35140 MEDIUM
Zyxel GS1900 Series Firmware < 2.70 - Authenticated Privilege Escalation via Read-Only Access
CVSS 5.5
CVE-2023-41036 HIGH
MacVim < 178 - Privilege Escalation via Insecure Distributed Objects IPC
CVSS 7.8
CVE-2023-43018 MEDIUM
IBM CICS TX Standard <11.1, Advanced <10.1.11.1 - Privilege Escalation
CVSS 5.9
CVE-2023-5408 HIGH
OpenShift Container Platform - Privilege Escalation via Node Role Label Modification
CVSS 7.2
CVE-2023-20048 CRITICAL
Cisco Firepower Management Center - Privilege Escalation
CVSS 9.9
CVE-2023-5847 MEDIUM
Nessus < 10.6.2 and Nessus Agent < 10.4.3 - Privilege Escalation via Crafted File During Installation or Upgrade
CVSS 6.7
CVE-2023-5739 HIGH
HP Image Assistant < 5.1.8 - Improper Privilege Management
CVSS 7.8
CVE-2023-47101 HIGH
Securepoint SSL VPN Client < 2.0.40 - Local Privilege Escalation via Installer
CVSS 7.8
CVE-2023-21397 HIGH
Android < 14.0 - Local Privilege Escalation via Insecure WiFi Network Default
CVSS 7.8
CVE-2023-21396 HIGH
Android < 14.0 - Local Privilege Escalation via Activity Manager Logic Error
CVSS 7.8
CVE-2023-21376 MEDIUM
Android < 14.0 - Unauthenticated Local Information Disclosure via Telephony ICCID Retrieval
CVSS 5.5
CVE-2023-21374 HIGH
Android - Factory Reset Protection Bypass via System UI Logic Error
CVSS 7.8
CVE-2023-21343 HIGH
Android < 14.0 - Local Privilege Escalation via Unsafe PendingIntent in ActivityStarter
CVSS 7.8
CVE-2023-40685 HIGH
IBM i 7.2-7.5 - Local Privilege Escalation via Management Central
CVSS 7.4
CVE-2023-40686 MEDIUM
IBM i 7.2-7.5 - Local Privilege Escalation via Management Central
CVSS 4.9
CVE-2023-44219 HIGH
SonicWall Directory Services Connector < 4.1.22 - Local Privilege Escalation via Recovery Feature
CVSS 7.8
CVE-2023-34057 HIGH
VMware Tools - Privilege Escalation
CVSS 7.8
CVE-2023-5622 HIGH
Nessus Network Monitor < 6.3.0 - Privilege Escalation via File Replacement
CVSS 7.1
CVE-2023-41966 MEDIUM
Sielco Analog FM Transmitter Firmware - Privilege Escalation via HTTP POST Parameter
CVSS 6.5
CVE-2023-5671 HIGH
HP Print and Scan Doctor - Privilege Escalation
CVSS 7.8
CVE-2023-4607 HIGH
Lenovo ThinkAgile HX/MX Series Firmware - Authenticated Privilege Escalation via API Command
CVSS 7.5
CVE-2023-43506 HIGH
ClearPass OnGuard - Privilege Escalation
CVSS 7.8
CVE-2023-39740 HIGH
Onigiriya-musubee 13.6.1 - Client Secret Leakage and Unauthorized Broadcast Message Sending
CVSS 8.2