CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,833 vulnerabilities with CWE-269
CVE-2023-30988 HIGH
IBM i 7.2-7.5 - Local Privilege Escalation via Facsimile Support
CVSS 8.4
CVE-2023-3514 HIGH
Razer RazerCentral <=7.11.0.558 - Privilege Escalation
CVSS 7.8
CVE-2023-3513 HIGH
Razer RazerCentral <7.11.0.558 - Privilege Escalation
CVSS 7.8
CVE-2023-24491 HIGH
Citrix Secure Access - Privilege Escalation
CVSS 7.8
CVE-2023-30765 HIGH
InfraSuite Device Master < 1.0.7 - Privilege Escalation via Improper Access Controls
CVSS 8.8
CVE-2023-29256 MEDIUM
IBM Db2 10.5, 11.1, 11.5 - Information Disclosure via Federation Feature Privilege Mismanagement
CVSS 5.3
CVE-2023-27558 HIGH
IBM Db2 10.5, 11.1, 11.5 - Privilege Escalation via Unquoted Service Path
CVSS 8.4
CVE-2023-30642 MEDIUM
Samsung Android Galaxy Themes Service - Improper Privilege Management
CVSS 6.2
CVE-2023-25521 HIGH
NVIDIA DGX A100/A800 Firmware < 1.21 - Privilege Escalation via SBIOS Input Parameter Validation
CVSS 7.5
CVE-2023-21513 MEDIUM
CC Mode <SMR Jun-2023 Release 1 - Privilege Escalation
CVSS 6.1
CVE-2023-21512 LOW
Knox ID <SMR Jun-2023 Release 1 - Info Disclosure
CVSS 2.4
CVE-2023-20136 MEDIUM
Cisco Secure Workload - Privilege Escalation
CVSS 4.3
CVE-2023-34148 HIGH
Trend Micro Apex One/Apex One as a Service - Privilege Escalation
CVSS 7.8
CVE-2023-34147 HIGH
Trend Micro Apex One/Apex One as a Service - Privilege Escalation
CVSS 7.8
CVE-2023-34146 HIGH
Trend Micro Apex One/Apex One as a Service - Privilege Escalation
CVSS 7.8
CVE-2023-34465 CRITICAL
XWiki 11.8-rc-1-14.4.7 - Authenticated Privilege Escalation via Mail.MailConfig Page
CVSS 9.9
CVE-2023-31469 HIGH
Apache StreamPipes <0.92.0 - Privilege Escalation
CVSS 8.8
CVE-2023-25188 MEDIUM
NOKIA Airscale ASIKA Single RAN < 21B - Unauthenticated Privilege Escalation via AaShell Diagnostic Tool
CVSS 5.1
CVE-2023-25185 LOW
NOKIA Airscale ASIKA Single RAN < 21B - Improper Privilege Management
CVSS 3.8
CVE-2023-2847 HIGH
ESET Cyber Security/Endpoint Antivirus/Server Security <8.1.12.0 - Local Privilege Escalation
CVSS 7.8
CVE-2023-26062 HIGH
Nokia Web Element Manager <22 R1 - Privilege Escalation
CVSS 7.0
CVE-2023-2833 HIGH
ReviewX plugin <1.6.13 - Privilege Escalation
CVSS 8.8
CVE-2023-3027 HIGH
Grc-policy-propagator - Privilege Escalation
CVSS 7.8
CVE-2023-32713 HIGH
Splunk App for Stream < 8.1.1 - Privilege Escalation via streamfwd Process
CVSS 7.8
CVE-2023-33966 HIGH
Deno 1.34.0 - Improper Privilege Management in Node HTTP/HTTPS Modules
CVSS 8.6
Details
Vulnerabilities 2,833
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits