CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,836 vulnerabilities with CWE-269
CVE-2021-23885 CRITICAL
McAfee Web Gateway < 8.2.17 - Authenticated Privilege Escalation via Troubleshooting Page
CVSS 9.0
CVE-2021-20075 HIGH
Racom MIDGE Firmware 4.4.40.105 - Privilege Escalation via configd
CVSS 7.8
CVE-2021-26936 HIGH
ReplaySorcery 0.4.0-0.5.0 - Local Privilege Escalation via Video Output Path
CVSS 7.8
CVE-2021-0327 HIGH
Android - Local Privilege Escalation via Binder Identity Bypass
CVSS 7.8
CVE-2021-23876 HIGH
McAfee Total Protection < 16.0.30 - Privilege Escalation and Arbitrary File Modification via RPC Bypass
CVSS 7.8
CVE-2021-23874 HIGH KEV
McAfee Total Protection < 16.0.30 - Arbitrary Process Execution and Privilege Escalation via Self-Defense Bypass
CVSS 8.2
CVE-2021-23882 HIGH
McAfee Endpoint Security < 10.7.0 - Improper Access Control via Crafted File Placement
CVSS 8.2
CVE-2021-23880 MEDIUM
McAfee Endpoint Security < 10.7.0 - Authenticated Uninstallation of Anti-Malware Engine via Specific Command
CVSS 6.7
CVE-2021-0223 HIGH
Juniper Junos OS - Authenticated Local Privilege Escalation via telnetd.real Setuid Abuse
CVSS 7.8
CVE-2021-0204 HIGH
Juniper Networks Junos OS - Info Disclosure
CVSS 7.8
CVE-2021-20618 CRITICAL
acmailer <4.0.2-1.1.4 - Privilege Escalation
CVSS 9.8
CVE-2021-1258 MEDIUM
Cisco Anyconnect Secure Mobility Client < 4.9.03047 - Improper Privilege Management
CVSS 5.5
CVE-2021-1719 HIGH
Microsoft SharePoint Enterprise Server - Improper Privilege Management
CVSS 8.0
CVE-2021-1712 HIGH
Microsoft SharePoint - Improper Privilege Management
CVSS 8.0
CVE-2021-1709 HIGH
Windows Win32k - Elevation of Privilege
CVSS 7.0
CVE-2021-1706 HIGH
Windows LUAFV - Improper Privilege Management
CVSS 7.3
CVE-2021-1704 HIGH
Windows Hyper-V - Elevation of Privilege via Improper Privilege Management
CVSS 7.3
CVE-2021-1703 HIGH
Windows 10 and Windows Server 2016 - Elevation of Privilege in Event Logging Service
CVSS 7.8
CVE-2021-1702 HIGH
Windows Remote Procedure Call Runtime - Elevation of Privilege via Improper Privilege Management
CVSS 7.8
CVE-2021-1697 HIGH
Windows 10 and Windows Server 2016/2019 - Elevation of Privilege via InstallService
CVSS 7.8
CVE-2021-1695 HIGH
Windows Print Spooler - Improper Privilege Management
CVSS 7.8
CVE-2021-1694 HIGH
Windows Update Stack - Improper Privilege Management
CVSS 7.5
CVE-2021-1693 HIGH
Windows CSC Service - Elevation of Privilege via Improper Privilege Management
CVSS 7.8
CVE-2021-1690 HIGH
Windows 10 - Elevation of Privilege in WalletService
CVSS 7.8
CVE-2021-1689 HIGH
Windows 10 and Windows Server 2016/2019 - Elevation of Privilege via Multipoint Management
CVSS 7.8
Details
Vulnerabilities 2,836
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits