CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,834 vulnerabilities with CWE-269
CVE-2022-39202 MEDIUM
matrix-appservice-irc < 0.35.0 - Improper Privilege Management via IRC Mode Command Parsing
CVSS 4.3
CVE-2022-36861 MEDIUM
Android SystemUI - Improper Privilege Management via Custom Permission Misuse
CVSS 5.9
CVE-2022-40297 HIGH
UBports Ubuntu Touch 16.04 - Improper Privilege Management via Sudo Passcode
CVSS 7.8
CVE-2022-36088 MEDIUM
GoCD <22.2.0 - Privilege Escalation
CVSS 5.0
CVE-2022-31166 HIGH
XWiki Platform Old Core <12.0RC1 - Privilege Escalation
CVSS 8.1
CVE-2022-30298 HIGH
FortiSOAR < 7.2.1 - Privilege Escalation via Python Command Execution
CVSS 7.0
CVE-2022-32840 HIGH
iPadOS < 15.6 - Arbitrary Code Execution with Kernel Privileges
CVSS 7.8
CVE-2022-31676 HIGH
VMware Tools 10.0.0-12.0.0 - Local Privilege Escalation
CVSS 7.8
CVE-2022-36157 HIGH
XXL-JOB < 2.3.1 and 2.4.0 - Insecure Permissions Leading to Privilege Escalation
CVSS 8.8
CVE-2022-1901 MEDIUM
Octopus Deploy <version> - Info Disclosure
CVSS 5.3
CVE-2022-2568 MEDIUM
Ansible Automation Platform - Privilege Escalation
CVSS 6.5
CVE-2022-37025 HIGH
McAfee Security Scan Plus < 4.1.262.1 - Privilege Escalation via Configuration File Tampering
CVSS 7.8
CVE-2022-37002 CRITICAL
Huawei EMUI - Privilege Escalation in SystemUI Module
CVSS 9.8
CVE-2022-31672 HIGH
VMware vRealize Operations 8.0.0-8.6.4 - Privilege Escalation to Root
CVSS 7.2
CVE-2022-20361 CRITICAL
Android - Remote Privilege Escalation via Bluetooth Cross-Transport Key Derivation Weakness
CVSS 9.8
CVE-2022-20360 HIGH
Android - Local Privilege Escalation via SecureNfcPreferenceController
CVSS 7.8
CVE-2022-20356 HIGH
Android 11-12L - Local Privilege Escalation via ActiveServices Foreground Service Validation
CVSS 7.8
CVE-2022-20347 HIGH
Android - Remote Privilege Escalation via ConnectedDeviceDashboardFragment
CVSS 8.8
CVE-2022-20239 CRITICAL
Android - Improper Privilege Management via remap_pfn_range
CVSS 9.8
CVE-2022-35782 MEDIUM
Azure Site Recovery - Privilege Escalation
CVSS 6.5
CVE-2022-35781 MEDIUM
Azure Site Recovery - Privilege Escalation
CVSS 6.5
CVE-2022-35780 MEDIUM
Azure Site Recovery - Privilege Escalation
CVSS 6.5
CVE-2022-35775 MEDIUM
Azure Site Recovery - Privilege Escalation
CVSS 6.5
CVE-2022-35774 MEDIUM
Azure Site Recovery - Privilege Escalation
CVSS 4.9
CVE-2022-35771 HIGH
Windows Defender < - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 2,834
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits