CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,834 vulnerabilities with CWE-269
CVE-2022-35768 HIGH
Windows Kernel - Privilege Escalation
CVSS 7.8
CVE-2022-35765 HIGH
Storage Spaces Direct - Privilege Escalation
CVSS 7.8
CVE-2022-35764 HIGH
Storage Spaces Direct - Privilege Escalation
CVSS 7.8
CVE-2022-35763 HIGH
Storage Spaces Direct - Privilege Escalation
CVSS 7.8
CVE-2022-35762 HIGH
Storage Spaces Direct - Privilege Escalation
CVSS 7.8
CVE-2022-35761 HIGH
Windows Kernel - Privilege Escalation
CVSS 7.8
CVE-2022-34706 HIGH
Windows Local Security Authority - Improper Privilege Management
CVSS 7.8
CVE-2022-34703 HIGH
Windows Partition Management Driver - Improper Privilege Management
CVSS 7.8
CVE-2022-34699 HIGH
Windows Win32k - Improper Privilege Management
CVSS 7.8
CVE-2022-34691 HIGH
Microsoft Windows 10 - Improper Privilege Management
CVSS 8.8
CVE-2022-33646 HIGH
Azure Batch Node Agent - Privilege Escalation
CVSS 7.0
CVE-2022-33640 HIGH
System Center Operations Manager OMI - Privilege Escalation
CVSS 7.8
CVE-2022-36833 HIGH
Samsung Game Optimizing Service < 3.3.04.0 - Improper Privilege Management via Package Name Manipulation
CVSS 7.3
CVE-2022-2498 MEDIUM
GitLab 12.8-15.0.4, 15.1-15.1.3, 15.2 - Improper Privilege Management in Pipeline Subscriptions
CVSS 6.4
CVE-2022-35243 HIGH
BIG-IP 13.1.x < 13.1.5, 14.1.x < 14.1.5, 15.1.x < 15.1.5.1, 16.1.x < 16.1.3 - Privilege Escalation via iControl REST
CVSS 8.7
CVE-2022-33962 MEDIUM
BIG-IP <17.0.0.1, 16.1.x <16.1.3.1, 15.1.x <15.1.6.1, 14.1.x <14.1....
CVSS 6.7
CVE-2022-35921 LOW
fof/byobu 0.3.0-beta.2-1.1.6 - Improper Privilege Management
CVSS 3.5
CVE-2022-2317 CRITICAL
Simple Membership <4.1.3 - Info Disclosure
CVSS 9.8
CVE-2022-2273 HIGH
Simple Membership < 4.1.3 - Privilege Escalation via Membership Level Parameter
CVSS 8.8
CVE-2022-34338 MEDIUM
IBM Robotic Process Automation 21.0.0-21.0.2 - Sensitive Information Disclosure
CVSS 6.5
CVE-2022-35291 HIGH
SAP SuccessFactors Mobile - Improper Privilege Management in Attachment APIs
CVSS 8.1
CVE-2022-20907 MEDIUM
Cisco Nexus Dashboard 2.0-2.2(1e) - Authenticated Privilege Escalation via CLI Command Execution
CVSS 6.0
CVE-2022-20906 MEDIUM
Cisco Nexus Dashboard 2.0-2.2(1e) - Authenticated Privilege Escalation via CLI Command Execution
CVSS 6.0
CVE-2022-26113 HIGH
FortiClientWindows <7.0.3-6.4.7-6.2.9-6.0.10 - Privilege Escalation
CVSS 7.7
CVE-2022-30526 HIGH
Zyxel Firewall Firmware - Privilege Escalation via CLI Command
CVSS 7.8