CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,835 vulnerabilities with CWE-269
CVE-2021-42286 HIGH
Windows 10 and Windows Server 2016 - Elevation of Privilege in Core Shell SI Host Extension Framework
CVSS 7.8
CVE-2021-42285 HIGH
Windows Kernel - Improper Privilege Management
CVSS 7.8
CVE-2021-42283 HIGH
Windows NTFS - Elevation of Privilege via Improper Privilege Management
CVSS 8.8
CVE-2021-42282 HIGH
Windows Server - Active Directory Domain Services Elevation of Privilege
CVSS 7.5
CVE-2021-42280 MEDIUM
Windows Feedback Hub - Improper Privilege Management
CVSS 5.5
CVE-2021-42277 MEDIUM
Visual Studio 2017 15.0-15.8 and 2019 16.0-16.10 - Elevation of Privilege via Diagnostics Hub Standard Collector
CVSS 5.5
CVE-2021-41377 HIGH
Windows Fast FAT File System Driver - Improper Privilege Management
CVSS 7.8
CVE-2021-41370 HIGH
Windows NTFS - Elevation of Privilege via Improper Privilege Management
CVSS 7.8
CVE-2021-41367 HIGH
Windows NTFS - Improper Privilege Management
CVSS 7.8
CVE-2021-41366 HIGH
Windows CredSSP - Improper Privilege Management
CVSS 7.8
CVE-2021-36957 HIGH
Windows 10 and Windows Server 2016/2019/2022 - Elevation of Privilege via Desktop Bridge
CVSS 7.8
CVE-2021-25508 MEDIUM
SmartThings <1.7.73.22 - Privilege Escalation
CVSS 5.3
CVE-2021-25502 HIGH
Property Settings <SMR Nov-2021 Release 1 - Info Disclosure
CVSS 7.9
CVE-2021-40124 MEDIUM
Cisco Anyconnect Secure Mobility Client < 4.10.03104 - Improper Privilege Management
CVSS 6.7
CVE-2021-41022 HIGH
Fortinet FortiSIEM <4.1.4 - Privilege Escalation
CVSS 7.8
CVE-2021-1118 HIGH
NVIDIA vGPU 8.0-8.9 - Privilege Escalation via Virtual GPU Manager
CVSS 7.8
CVE-2021-3576 HIGH
Bitdefender <7.2.1.65, <25.0.26 - Privilege Escalation
CVSS 7.8
CVE-2021-23877 MEDIUM
McAfee Total Protection < 16.0.34 - Privilege Escalation via Trial Installer Temporary File Replacement
CVSS 6.7
CVE-2021-42108 HIGH
Trend Micro Apex One and Worry-Free Business Security - Local Privilege Escalation via Web Console
CVSS 7.8
CVE-2021-42107 HIGH
Trend Micro Apex One and Worry-Free Business Security - Local Privilege Escalation
CVSS 7.8
CVE-2021-42106 HIGH
Trend Micro Apex One and Worry-Free Business Security - Local Privilege Escalation
CVSS 7.8
CVE-2021-42105 HIGH
Trend Micro Apex One and Worry-Free Business Security - Local Privilege Escalation
CVSS 7.8
CVE-2021-42104 HIGH
Trend Micro Apex One and Worry-Free Business Security - Local Privilege Escalation
CVSS 7.8
CVE-2021-31360 HIGH
Junos OS and Junos OS Evolved - Improper Privilege Management via CLI File Overwrite
CVSS 7.1
CVE-2021-31359 HIGH
Juniper Junos OS and Junos OS Evolved - Local Privilege Escalation and Denial of Service via jdhcpd Process
CVSS 7.8
Details
Vulnerabilities 2,835
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits