CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,836 vulnerabilities with CWE-269
CVE-2020-15862 HIGH
Net-SNMP < 5.8.1 - Authenticated Remote Code Execution via EXTEND MIB
CVSS 7.8
CVE-2020-15149 CRITICAL
NodeBB <1.14.3 - Privilege Escalation
CVSS 9.9
CVE-2020-7019 MEDIUM
Elasticsearch <6.8.12 and 7.0.0-7.9.0 - Improper Privilege Management via Scrolling Search Field Disclosure
CVSS 6.5
CVE-2020-7018 HIGH
Elastic Enterprise Search < 7.9.0 - Privilege Escalation via Developer Role Credential Exposure
CVSS 8.8
CVE-2020-1488 HIGH
Windows AppX Deployment Extensions - Privilege Escalation
CVSS 7.0
CVE-2020-24331 HIGH
TrouSerS < 0.3.14 - Improper Privilege Management in tcsd.conf
CVSS 7.8
CVE-2020-24330 HIGH
TrouSerS <0.3.14 - Privilege Escalation
CVSS 7.8
CVE-2020-7305 MEDIUM
McAfee Data Loss Prevention < 11.3.28 - Privilege Escalation via Incorrect Credential Validation
CVSS 6.7
CVE-2020-11552 CRITICAL
Zohocorp ManageEngine ADSelfService Plus < 6003 - Privilege Escalation
CVSS 9.8
CVE-2020-15826 MEDIUM
JetBrains TeamCity < 2020.1 - Improper Privilege Management
CVSS 4.3
CVE-2020-15824 HIGH
JetBrains Kotlin 1.4-M1-1.4-RC - Privilege Escalation via System Temp Directory Script Cache
CVSS 8.8
CVE-2020-13522 HIGH
SoftPerfect RAM Disk <4.1 - File Delete
CVSS 7.1
CVE-2020-5617 HIGH
SKYSEA Client View <15.210.05f - Privilege Escalation
CVSS 7.8
CVE-2020-5773 HIGH
Teltonika TRB2_R_00.02.04.01 - Privilege Escalation
CVSS 8.8
CVE-2020-14162 HIGH
Pi-Hole < 5.1 - OS Command Injection via setdns Command
CVSS 7.8
CVE-2020-14493 HIGH
OpenClinic GA <5.89.05b - SQL Injection
CVSS 8.8
CVE-2020-9669 CRITICAL
Adobe Creative Cloud < 5.1 - Privilege Escalation
CVSS 9.8
CVE-2020-10286 HIGH
Main User Account - Privilege Escalation
CVSS 8.8
CVE-2020-1431 HIGH
Windows AppX Deployment Extensions - Privilege Escalation
CVSS 7.8
CVE-2020-1416 HIGH
Visual Studio < - Privilege Escalation
CVSS 8.8
CVE-2020-1412 HIGH
Microsoft Graphics Components - RCE
CVSS 8.8
CVE-2020-7578 HIGH
Opcenter Execution Core < 8.2 - Authenticated Improper Access Control
CVSS 8.1
CVE-2020-11956 CRITICAL
Rittal CMCIII-PU-9333E0FB < 3.17.10 and PDU-3C002DEC < 5.17.10 - Improper Privilege Management
CVSS 9.8
CVE-2020-6013 HIGH
ZoneAlarm Firewall and Antivirus <15.8.109.18436 - Privilege Escala...
CVSS 8.8
CVE-2020-7283 HIGH
McAfee Total Protection < 16.0.R26 - Privilege Escalation via Symbolic Link Manipulation
CVSS 7.5
Details
Vulnerabilities 2,836
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits