CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,836 vulnerabilities with CWE-269
CVE-2021-36943 MEDIUM
Azure CycleCloud - Improper Privilege Management
CVSS 4.0
CVE-2021-36927 HIGH
Windows 7, 8.1, RT 8.1, Server 2008, Server 2012 - Elevation of Privilege via Digital TV Tuner Device Registration
CVSS 7.8
CVE-2021-34537 HIGH
Windows Bluetooth Driver - Elevation of Privilege via Improper Privilege Management
CVSS 7.8
CVE-2021-34487 HIGH
Windows 10 and Windows Server 2016/2019 - Elevation of Privilege via Event Tracing
CVSS 7.0
CVE-2021-34483 HIGH
Windows Print Spooler - Elevation of Privilege
CVSS 7.8
CVE-2021-34471 HIGH
Microsoft Malware Protection Engine < 1.1.18400.4 - Elevation of Privilege
CVSS 7.8
CVE-2021-37627 HIGH
Contao 4.4.0-4.4.55 - Privilege Escalation via Form Generator
CVSS 8.0
CVE-2021-21567 HIGH
Dell PowerScale OneFS 9.1.0.x - Authenticated Privilege Escalation
CVSS 7.8
CVE-2021-38140 CRITICAL
PostgreSQL <2.0.1 - Privilege Escalation
CVSS 9.8
CVE-2021-1572 HIGH
Cisco ConfD 7.4-7.4.3 - Authenticated Privilege Escalation via SFTP User Service
CVSS 7.8
CVE-2021-22421 HIGH
HarmonyOS - Improper Privilege Management
CVSS 7.8
CVE-2021-22396 HIGH
Huawei eCNS280_TD and eSE620X vESS - Privilege Escalation via Improper File Access
CVSS 7.8
CVE-2021-37167 CRITICAL
HMI3 Control Panel Firmware < 7.2.5.7 - Privilege Escalation via Default Credentials
CVSS 9.8
CVE-2021-33526 HIGH
MB connect line mbDIALUP <= 3.9R0.0 - Privilege Escalation
CVSS 7.8
CVE-2021-34802 HIGH
Neo4j Graph Database 4.2.0-4.2.7 - Authenticated Privilege Escalation via Transaction Security Context
CVSS 8.8
CVE-2021-31581 HIGH
Akkadianlabs Ova Appliance < 3.0 - Improper Privilege Management
CVSS 7.9
CVE-2021-34481 HIGH
Windows Print Spooler - Remote Code Execution via Privileged File Operations
CVSS 8.8
CVE-2021-34461 HIGH
Windows 10 and Windows Server 2016 - Elevation of Privilege in Container Isolation FS Filter Driver
CVSS 7.8
CVE-2021-34460 HIGH
Windows Storage Spaces Controller - Improper Privilege Management
CVSS 7.8
CVE-2021-34459 HIGH
Windows AppContainer - Improper Privilege Management
CVSS 7.8
CVE-2021-34456 HIGH
Windows Remote Access Connection Manager - Elevation of Privilege via Improper Privilege Management
CVSS 7.8
CVE-2021-34455 HIGH
Windows File History Service - Improper Privilege Management
CVSS 7.8
CVE-2021-32739 HIGH
Icinga <2.12.4 - Privilege Escalation
CVSS 8.8
CVE-2021-33505 HIGH
Falco <0.29.1 - Privilege Escalation
CVSS 7.8
CVE-2021-34514 HIGH
Windows Kernel - Improper Privilege Management
CVSS 7.8
Details
Vulnerabilities 2,836
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits