CWE-269

Exploit likelihood: Medium

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,837 vulnerabilities with CWE-269
CVE-2019-3585 HIGH
McAfee VirusScan Enterprise 8.8 - Privilege Escalation via On-Access Scan Messages
CVSS 7.0
CVE-2019-3617 HIGH
McAfee Total Protection < 4.6 - Privilege Escalation via Temporary File Protection Bypass
CVSS 7.5
CVE-2019-17066 HIGH
Ivanti WorkSpace Control < 10.4.40.0 - Authenticated Privilege Escalation via Registry Hijacking
CVSS 7.8
CVE-2019-4266 LOW
IBM Maximo Anywhere <7.6.3.1 - Info Disclosure
CVSS 2.4
CVE-2019-19216 HIGH
BMC Control-M/Agent 7.0.00.000 - Info Disclosure
CVSS 8.8
CVE-2019-15790 LOW
Apport - Privilege Escalation via PID Recycling
CVSS 2.8
CVE-2019-12522 MEDIUM
Squid < 4.7 - Privilege Escalation via leave_suid Saved UID Mismanagement
CVSS 4.5
CVE-2019-18822 HIGH
ZOOM Call Recording 6.3.1 - Privilege Escalation
CVSS 8.8
CVE-2019-15789 HIGH
MicroK8s < 1.15.3 - Privilege Escalation via Privileged Container Provisioning
CVSS 8.8
CVE-2019-19699 HIGH
Centreon Infrastructure Monitoring Software <19.10 - Authenticated RCE
CVSS 7.2
CVE-2019-19348 HIGH
openshift/apb-base <4.3.5,4.2.21,4.1.37,3.11.188-4 - Privilege Esca...
CVSS 7.0
CVE-2019-19346 HIGH
openshift/mariadb-apb <4.3.5,4.2.21,4.1.37,3.11.188-4 - Privilege E...
CVSS 7.0
CVE-2019-19345 HIGH
openshift/mediawiki-apb <4.3.0 - Privilege Escalation
CVSS 7.0
CVE-2019-16071 HIGH
Enigma NMS < 65.0.0 - Privilege Escalation via Authorization Bypass
CVSS 8.8
CVE-2019-19355 HIGH
openshift/ocp-release-operator-sdk - Privilege Escalation
CVSS 7.0
CVE-2019-19351 HIGH
openshift/jenkins - Privilege Escalation
CVSS 7.0
CVE-2019-12183 HIGH
Safescan Timemoto TM-616,TA-8000 - Info Disclosure
CVSS 7.5
CVE-2019-6195 MEDIUM
Lenovo XClarity Controller < 3.01_tei392o - Privilege Escalation via LDAP Local Authorization Mode
CVSS 4.8
CVE-2019-5472 HIGH
GitLab < 11.11.6, 12.0.0-12.0.3, < 12.1.2 - Improper Privilege Management
CVSS 7.5
CVE-2019-5468 HIGH
GitLab < 11.11.6, 12.0.4, 12.1.2 - Privilege Escalation via Mattermost Slash Commands
CVSS 8.8
CVE-2019-11288 HIGH
Pivotal TC Runtimes < 7.0.99.b - Improper Privilege Management
CVSS 7.0
CVE-2019-1454 MEDIUM
Windows User Profile Service - Elevation of Privilege via Symlink Handling
CVSS 5.5
CVE-2019-18899 MEDIUM
openSUSE Leap 15.1 - Privilege Escalation
CVSS 6.2
CVE-2019-17202 HIGH
FastTrack Admin By Request < 6.2.0.0 - Unauthenticated Privilege Escalation via PIN Bypass
CVSS 7.8
CVE-2019-10940 CRITICAL
SINEMA Server < V14.0 SP2 Update 1 - Authenticated Privilege Escalation via Incorrect Session Validation
CVSS 9.9