CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,837 vulnerabilities with CWE-269
CVE-2020-7283 HIGH
McAfee Total Protection < 16.0.R26 - Privilege Escalation via Symbolic Link Manipulation
CVSS 7.5
CVE-2020-7281 HIGH
McAfee Total Protection < 16.0.R26 - Privilege Escalation via Symbolic Link Manipulation
CVSS 7.5
CVE-2020-8179 MEDIUM
Nextcloud Deck 1.0.0 - Code Injection
CVSS 4.1
CVE-2020-15368 MEDIUM
ASRock RGB Driver - Memory Corruption
CVSS 5.5
CVE-2020-14976 MEDIUM
GNS3 ubridge <0.9.18 - Info Disclosure
CVSS 5.5
CVE-2020-9225 HIGH
FusionSphere OpenStack 6.5.1 - Improper Privilege Management
CVSS 7.8
CVE-2020-7509 HIGH
Schneider-electric Easergy T300 Firmware < 1.5.2 - Improper Privilege Management
CVSS 7.2
CVE-2020-13854 CRITICAL
Artica Pandora FMS 7.44 - Improper Privilege Management
CVSS 9.8
CVE-2020-12850 HIGH
Pydio Cells Enterprise OVF <2.0.4 - Privilege Escalation
CVSS 7.0
CVE-2020-12713 HIGH
CipherMail Gateway 1.0.1-4.7.1-0 and Webmail Messenger 1.1.1-3.1.1-0 - Authenticated Privilege Escalation to Root
CVSS 7.2
CVE-2020-12757 CRITICAL
HashiCorp Vault <1.4.2 - Info Disclosure
CVSS 9.8
CVE-2020-7280 HIGH
McAfee VirusScan Enterprise - Privilege Escalation via Symbolic Link Manipulation
CVSS 7.8
CVE-2020-8320 MEDIUM
Lenovo ThinkPad - Privilege Escalation via Internal Shell
CVSS 6.4
CVE-2020-7014 HIGH
Elasticsearch 6.7.0-6.8.7 and 7.0.0-7.6.1 - Privilege Escalation via API Key and Authentication Token Manipulation
CVSS 8.8
CVE-2020-13776 MEDIUM
systemd < 245 - Improper Privilege Management via Numerical Username Handling
CVSS 6.7
CVE-2020-13695 HIGH
QuickBox Community Edition < 2.5.5 and Pro Edition < 2.1.8 - Privilege Escalation via Sudo Grep Execution
CVSS 7.2
CVE-2020-10936 HIGH
Sympa <6.2.56 - Privilege Escalation
CVSS 7.8
CVE-2020-9046 HIGH
Kantech EntraPass < 8.22 - Privilege Escalation via File Replacement
CVSS 8.8
CVE-2020-3812 MEDIUM
qmail-verify <1.06 - Info Disclosure
CVSS 5.5
CVE-2020-8021 MEDIUM
Open Build Service <2.10.5 - Info Disclosure
CVSS 5.3
CVE-2020-12860 MEDIUM
COVIDSafe <1.0.17 - Info Disclosure
CVSS 5.3
CVE-2020-12798 HIGH
Cellebrite UFED <7.5.0.845 - Privilege Escalation
CVSS 7.8
CVE-2020-7291 HIGH
McAfee Active Response < 2.4.3 - Privilege Escalation
CVSS 7.8
CVE-2020-7290 HIGH
McAfee Active Response < 2.4.3 - Privilege Escalation
CVSS 7.8
CVE-2020-7289 HIGH
McAfee Active Response < 2.4.3 - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 2,837
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits