CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,835 vulnerabilities with CWE-269
CVE-2021-36293 MEDIUM
Dell VNX2 for File <8.1.21.266 - Privilege Escalation
CVSS 6.4
CVE-2021-36290 MEDIUM
Dell VNX2 for File <8.1.21.266 - Privilege Escalation
CVSS 6.4
CVE-2021-39784 HIGH
Android 12L - Local Privilege Escalation via CellBroadcastReceiver Missing Permission Check
CVSS 7.8
CVE-2021-39783 HIGH
Android 12L - Local Privilege Escalation via rcsservice TTY Mode Modification
CVSS 7.8
CVE-2021-39782 HIGH
Android 12L - Unauthorized PLMN SIM File Modification due to Missing Permission Check
CVSS 7.8
CVE-2021-39772 HIGH
Android 12L - Local Privilege Escalation via Bluetooth A2DP Audio Control
CVSS 8.8
CVE-2021-22801 CRITICAL
ConneXium Network Manager - Improper Privilege Management leading to Arbitrary Command Execution
CVSS 9.8
CVE-2021-36302 CRITICAL
Dell Emc Integrated System For Microsoft Azure Stack Hub Firmware < 2204 - Improper Privilege Management
CVSS 9.9
CVE-2021-3813 MEDIUM
GitHub chatwoot/chatwoot < 2.2 - Privilege Escalation
CVSS 6.5
CVE-2021-37852 HIGH
ESET Endpoint Antivirus 6.6.2046.0-7.3.2055.0 - Privilege Escalation via Pipe Impersonation
CVSS 7.8
CVE-2021-45729 MEDIUM
WP Google Map <1.8.0 - Privilege Escalation
CVSS 5.4
CVE-2021-45222 HIGH
COINS Construction Cloud 11.12 - Privilege Escalation via HR Interface
CVSS 8.8
CVE-2021-34998 HIGH
Panda Security Free Antivirus 20.2.0.0 - Privilege Escalation
CVSS 7.8
CVE-2021-43860 HIGH
Flatpak <1.12.3-1.10.6 - Privilege Escalation
CVSS 8.2
CVE-2021-42562 HIGH
MITRE Caldera < 2.8.1 - Improper Privilege Management
CVSS 8.1
CVE-2021-45440 HIGH
Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 - Privilege Escalation via Impersonation Abuse
CVSS 7.8
CVE-2021-41388 HIGH
Netskope < 89 - Local Privilege Escalation via XPC Service Connection
CVSS 7.8
CVE-2021-31833 HIGH
McAfee Application and Change Control < 8.3.4 - Privilege Escalation via Binary Renaming
CVSS 7.1
CVE-2021-39982 CRITICAL
HarmonyOS - Improper Privilege Management via Phone Manager Notification Tampering
CVSS 9.1
CVE-2021-43858 HIGH
MinIO <RELEASE.2021-12-27T07-23-18Z - Privilege Escalation
CVSS 8.8
CVE-2021-21750 HIGH
ZTE ZXIN10 CMS < 3.01.01.04 - Privilege Escalation via Timed Task Modification
CVSS 7.8
CVE-2021-21911 HIGH
Advantech R-SeeNet 2.4.15 - Privilege Escalation via File Replacement
CVSS 7.8
CVE-2021-27445 HIGH
Mesa Labs AmegaView <3.0 - Privilege Escalation
CVSS 7.8
CVE-2021-36316 MEDIUM
Dell EMC Avamar Server <19.4 - Privilege Escalation
CVSS 6.7
CVE-2021-43835 HIGH
Sulu <2.2.18, <2.3.8, <2.4.0 - Privilege Escalation
CVSS 7.2
Details
Vulnerabilities 2,835
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits