CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,834 vulnerabilities with CWE-269
CVE-2022-3088 HIGH
UC-8100A-ME-T <v3.5 - Path Traversal
CVSS 7.8
CVE-2022-41923 CRITICAL
Grails Spring Security Core Privilege Escalation via Endpoint Authorization Bypass
CVSS 9.1
CVE-2022-0222 HIGH
Modicon M340 - Privilege Escalation
CVSS 7.5
CVE-2022-42459 HIGH
Image Hover Effects Ultimate <= 9.7.1 - Authenticated WordPress Options Change
CVSS 7.2
CVE-2022-43308 HIGH
INTELBRAS SG 2404 MR - Privilege Escalation
CVSS 7.8
CVE-2022-43138 CRITICAL
Dolibarr Open Source ERP & CRM <14.0.1 - Privilege Escalation
CVSS 9.8
CVE-2022-45183 HIGH
PowerShell Universal 2.0.0-2.12.5 - Privilege Escalation via App Token ID Retrieval
CVSS 8.8
CVE-2022-41339 HIGH
Zoho ManageEngine Mobile Device Manager Plus <10.1.2207.5 - Privile...
CVSS 7.8
CVE-2022-39395 CRITICAL
go-vela/server < 0.16.0, go-vela/worker < 0.16.0, go-vela/ui < 0.17.0 - Privilege Escalation
CVSS 9.6
CVE-2022-37015 CRITICAL
Symantec Endpoint Detection and Response < 4.7.0 - Privilege Escalation
CVSS 9.8
CVE-2022-44733 HIGH
Acronis Cyber Protect Home Office < 39900 - Local Privilege Escalation via Insecure Folder Permissions
CVSS 7.8
CVE-2022-44732 HIGH
Acronis Cyber Protect Home Office < 39900 - Local Privilege Escalation via Insecure Folder Permissions
CVSS 7.8
CVE-2022-42796 HIGH
iPadOS < 15.7 - Privilege Escalation
CVSS 7.8
CVE-2022-32907 HIGH
iPhone OS < 16.0 - Arbitrary Code Execution with Kernel Privileges
CVSS 7.8
CVE-2022-32794 HIGH
macOS 10.15-10.15.6 and 11.0-11.6.5 - Privilege Escalation via Logic Issue
CVSS 7.8
CVE-2022-3369 HIGH
Bitdefender Engines <7.92659 - Privilege Escalation
CVSS 8.6
CVE-2022-3419 MEDIUM
Automatic User Roles Switcher < 1.1.2 - Authenticated Privilege Escalation via Missing Authorization
CVSS 6.5
CVE-2022-41974 HIGH
multipath-tools 0.7.0-0.9.1 - Local Privilege Escalation via Repeated Keyword
CVSS 7.8
CVE-2022-39286 HIGH
Jupyter Core <4.11.2 - Code Injection
CVSS 8.8
CVE-2022-43749 MEDIUM
Synology Presto File Server <2.1.2-1601 - Privilege Escalation
CVSS 4.3
CVE-2022-28169 HIGH
Brocade Fabric OS 8.0.0-8.2.3c - Privilege Escalation via Operator Session ID Spoofing
CVSS 8.8
CVE-2022-34438 MEDIUM
Dell PowerScale OneFS 9.1.0.0-9.1.0.21 - Authenticated Privilege Escalation
CVSS 6.7
CVE-2022-41835 HIGH
F5OS-A/F5OS-C <1.1.0/<1.5.0 - Privilege Escalation
CVSS 7.3
CVE-2022-39422 HIGH
Oracle VM VirtualBox < 6.1.38 - Authenticated Privilege Escalation
CVSS 7.5
CVE-2022-22239 HIGH
Juniper Networks Junos OS Evolved - Privilege Escalation
CVSS 8.2