CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,835 vulnerabilities with CWE-269
CVE-2021-34412 HIGH
Zoom Meetings < 5.4.0 - Local Privilege Escalation via Internet Explorer Launch
CVSS 7.8
CVE-2021-34411 HIGH
Zoom Rooms < 5.3.0 - Local Privilege Escalation via Internet Explorer Launch
CVSS 7.8
CVE-2021-31847 HIGH
McAfee Agent < 5.7.4 - DLL Preloading Privilege Escalation via Unprotected Repair Directory
CVSS 8.2
CVE-2021-31836 MEDIUM
McAfee Agent for Windows < 5.7.4 - Improper Privilege Management via maconfig Utility
CVSS 5.6
CVE-2021-33697 MEDIUM
SAP BusinessObjects Business Intelligence Platform 420, 430 - Unauthenticated Reverse Tabnabbing
CVSS 6.1
CVE-2021-40447 HIGH
Windows Print Spooler - Privilege Escalation
CVSS 7.8
CVE-2021-38671 HIGH
Windows Print Spooler - Privilege Escalation
CVSS 7.8
CVE-2021-38667 HIGH
Windows Print Spooler - Privilege Escalation
CVSS 7.8
CVE-2021-38639 HIGH
Windows 10 - Elevation of Privilege in Win32k
CVSS 7.8
CVE-2021-38638 HIGH
Windows Ancillary Function Driver - Privilege Escalation
CVSS 7.8
CVE-2021-38634 HIGH
Microsoft Windows Update Client - Privilege Escalation
CVSS 7.1
CVE-2021-38633 HIGH
Windows Common Log File System Driver - Privilege Escalation
CVSS 7.8
CVE-2021-38630 HIGH
Windows Event Tracing - Privilege Escalation
CVSS 7.8
CVE-2021-38628 HIGH
Windows Ancillary Function Driver - Privilege Escalation
CVSS 7.8
CVE-2021-38626 HIGH
Windows Kernel - Privilege Escalation
CVSS 7.8
CVE-2021-38625 HIGH
Windows Kernel - Privilege Escalation
CVSS 7.8
CVE-2021-36975 HIGH
Windows 10 and Windows Server 2016/2019/2022 - Privilege Escalation via Win32k
CVSS 7.8
CVE-2021-36974 HIGH
Windows SMB - Improper Privilege Management
CVSS 7.8
CVE-2021-36973 HIGH
Windows 10 and Windows Server 2016/2019/2022 - Elevation of Privilege via Redirected Drive Buffering System
CVSS 7.8
CVE-2021-36968 HIGH
Windows 7 and Windows Server 2008 - Privilege Escalation via DNS
CVSS 7.8
CVE-2021-36967 HIGH
Windows 10 and Windows Server 2016/2019 - Elevation of Privilege in WLAN AutoConfig Service
CVSS 8.0
CVE-2021-36966 HIGH
Windows 10 and Windows Server 2016/2019 - Elevation of Privilege in Windows Subsystem for Linux
CVSS 7.8
CVE-2021-36964 HIGH
Windows Event Tracing - Improper Privilege Management
CVSS 7.8
CVE-2021-36963 HIGH
Windows Common Log File System Driver - Elevation of Privilege
CVSS 7.8
CVE-2021-36954 HIGH
Windows 10 and Windows Server 2016/2019/2022 - Elevation of Privilege via Bind Filter Driver
CVSS 8.8
Details
Vulnerabilities 2,835
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits