CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,836 vulnerabilities with CWE-269
CVE-2020-15390 CRITICAL
Pega Platform 8.4.0.237 - Info Disclosure
CVSS 9.8
CVE-2020-29620 HIGH
macOS 10.14-10.14.5 and 11.0 - Privilege Escalation
CVSS 7.8
CVE-2020-27938 HIGH
macOS < 11.2.0 - Privilege Escalation via Logic Issue
CVSS 7.8
CVE-2020-7467 HIGH
FreeBSD Privilege Escalation via AMD Virtualization Instructions
CVSS 7.6
CVE-2020-4184 HIGH
IBM Security Guardium 11.2 - Improper Privilege Management
CVSS 7.3
CVE-2020-12528 MEDIUM
MymbCONNECT24 <V2.6.2 - Privilege Escalation
CVSS 6.5
CVE-2020-12527 MEDIUM
MymbCONNECT24 <v2.11.2 - Privilege Escalation
CVSS 6.5
CVE-2020-35557 MEDIUM
MB connect line mbCONNECT24 and mymbCONNECT24 <= 2.11.2 - Authenticated Improper Privilege Management
CVSS 6.5
CVE-2020-29031 HIGH
GateManager < 9.2c - Authenticated Privilege Escalation via Password Reset
CVSS 7.1
CVE-2020-26191 HIGH
Dell EMC PowerScale OneFS 8.1.0-9.1.0 - Privilege Escalation via PermissionRepair Job
CVSS 7.8
CVE-2020-35517 HIGH
qemu 5.0.0-5.2.50 - Privilege Escalation via virtio-fs Shared File System Device File Creation
CVSS 8.2
CVE-2020-6024 HIGH
Check Point SmartConsole <R80.10-0.30-0.40-0.41 - Privilege Escalation
CVSS 7.8
CVE-2020-9141 CRITICAL
Huawei EMUI and Magic UI - Improper Privilege Management
CVSS 9.1
CVE-2020-8275 MEDIUM
Citrix Secure Mail for Android <20.11.0 - Info Disclosure
CVSS 4.3
CVE-2020-26181 HIGH
Dell EMC Isilon OneFS <8.1.0.0 and PowerScale OneFS 9.0.0 - Privilege Escalation via SmartLock Compliance Mode
CVSS 7.0
CVE-2020-36156 CRITICAL
Ultimate Member < 2.1.12 - Authenticated Privilege Escalation via Profile Update
CVSS 9.9
CVE-2020-36155 CRITICAL
Ultimate Member < 2.1.12 - Unauthenticated Privilege Escalation via User Meta Registration
CVSS 10.0
CVE-2020-8290 HIGH
Backblaze <7.0.0.439 - Privilege Escalation
CVSS 7.8
CVE-2020-25194 HIGH
MOXA NPort IAW5000A-I/O Firmware < 2.1 - Privilege Escalation via Web Server Requests
CVSS 8.8
CVE-2020-24678 HIGH
S+ Operations/S+ Historian - Privilege Escalation
CVSS 8.8
CVE-2020-25106 HIGH
SupRemo 4.1.3.2348 - Privilege Escalation via File Manager Exploit
CVSS 7.8
CVE-2020-13519 HIGH
NZXT CAM 4.8.0 - Privilege Escalation
CVSS 8.8
CVE-2020-13515 HIGH
NZXT CAM 4.8.0 - Privilege Escalation
CVSS 8.8
CVE-2020-13514 HIGH
NZXT CAM 4.8.0 - Privilege Escalation
CVSS 8.8
CVE-2020-13513 HIGH
NZXT CAM 4.8.0 - Privilege Escalation
CVSS 8.8
Details
Vulnerabilities 2,836
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits