CWE-269

Exploit likelihood: Medium

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,834 vulnerabilities with CWE-269
CVE-2023-33966 HIGH
Deno 1.34.0 - Improper Privilege Management in Node HTTP/HTTPS Modules
CVSS 8.6
CVE-2023-29734 CRITICAL
edjing Mix 7.09.01 - Privilege Escalation via Database Manipulation
CVSS 9.8
CVE-2023-32696 HIGH
CKAN < 2.9.9 and < 2.10.1 - Privilege Escalation via Sudo Access
CVSS 8.8
CVE-2023-30601 HIGH
Apache Cassandra 4.0.0-4.0.9 and 4.1.0-4.1.1 - Privilege Escalation via FQL/Audit Log Configuration
CVSS 7.8
CVE-2023-31062 CRITICAL
Apache InLong <1.7.0 - Privilege Escalation
CVSS 9.8
CVE-2023-1694 HIGH
Settings Module - Privilege Escalation
CVSS 7.5
CVE-2023-1693 HIGH
Settings Module - Privilege Escalation
CVSS 7.5
CVE-2023-2679 MEDIUM
Snow Software SPE <9.27.0 - Info Disclosure
CVSS 4.1
CVE-2023-29819 MEDIUM
Webroot SecureAnywhere < 9.0.33.39 - Privilege Escalation via Crafted Payload
CVSS 5.5
CVE-2023-25834 MEDIUM
Portal for ArcGIS 10.7.1-10.9.1 - Improper Privilege Management
CVSS 5.4
CVE-2023-29350 HIGH
Microsoft Edge < - Privilege Escalation
CVSS 7.5
CVE-2023-22651 CRITICAL
SUSE Rancher 2.6.0-2.7.1 and 2.7.2 - Privilege Escalation via Admission Webhook Misconfiguration
CVSS 9.9
CVE-2023-29056 MEDIUM
Lenovo ThinkAgile HX Series Firmware - Improper Privilege Management
CVSS 5.3
CVE-2023-1966 HIGH
Instruments with Illumina Universal Copy Service v1.x-v2.x - Privil...
CVSS 7.4
CVE-2023-30024 MEDIUM
magicJack A921 Firmware - Unauthenticated Arbitrary Code Execution via Hidden NAND Flash Partition
CVSS 6.6
CVE-2023-28261 MEDIUM
Microsoft Edge Chromium < 110.0.1587.78 and < 111.0.1661.54 - Elevation of Privilege
CVSS 5.7
CVE-2023-26246 HIGH
Hyundai Gen5W_L - Privilege Escalation
CVSS 7.8
CVE-2023-26245 HIGH
Hyundai Gen5W_L - Privilege Escalation
CVSS 7.8
CVE-2023-26244 HIGH
Hyundai Gen5W_L - Privilege Escalation
CVSS 7.8
CVE-2023-26243 HIGH
Hyundai Gen5W_L Infotainment Firmware AE_E_PE_EUR.S5W_L001.001.211214 - Info Leak & Arbitrary Firmware Install
CVSS 7.8
CVE-2023-30622 MEDIUM
clusternet < 0.15.2 - Cluster-Level Privilege Escalation via cluster-hub Service Account
CVSS 6.7
CVE-2023-25133 CRITICAL
PowerPanel Business < 4.8.6 - Improper Privilege Management in default.cmd
CVSS 9.1
CVE-2023-2240 HIGH
microweber < 1.3.4 - Improper Privilege Management
CVSS 8.8
CVE-2023-28122 HIGH
UI Desktop < 0.62.3.0 - Local Privilege Escalation to SYSTEM
CVSS 7.8
CVE-2023-22645 HIGH
kubewarden-controller < 1.6.0 - Improper Privilege Management
CVSS 8.0