CWE-1220
Insufficient Granularity of Access Control
Description
The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-1 · CAPEC-180
CVEs mapped to this weakness (47)
Page 1 of 3 (20 of 47 CVEs shown).

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-31201 | — | Critical | 0.76 | 9.8 | 0.12 | KEV | Apr 16, 2025 | This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of… |
| CVE-2026-33825 | — | High | 0.63 | 7.8 | 0.07 | KEV | Apr 14, 2026 | Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally. |
| CVE-2026-6356 | — | Critical | 0.62 | 9.6 | 0.00 | | Apr 22, 2026 | A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through parameter manipulation, enabling them to access and modify sensitive information. |
| CVE-2026-6388 | — | Critical | 0.59 | 9.1 | 0.00 | | Apr 15, 2026 | A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to create or modify an ImageUpdater resource in a multi-tenant environment, to bypass namespace boundaries. By exploiting insufficient validation, the attacker can trigger… |
| CVE-2025-7493 | — | Critical | 0.59 | 9.1 | 0.01 | | Sep 30, 2025 | A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM… |
| CVE-2025-4404 | — | Critical | 0.59 | 9.1 | 0.02 | | Jun 17, 2025 | A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the `krbCanonicalName` for the admin account by default, allowing users to create services with the same canonical name as the REALM… |
| CVE-2026-40365 | — | High | 0.57 | 8.8 | 0.01 | | May 12, 2026 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. |
| CVE-2026-35436 | — | High | 0.57 | 8.8 | 0.00 | | May 12, 2026 | Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally. |
| CVE-2024-21962 | — | High | 0.56 | — | 0.00 | | May 15, 2026 | Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially resulting in privilege escalation and arbitrary code execution. |
| CVE-2025-3648 | — | High | 0.53 | — | 0.02 | | Jul 8, 2025 | A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list (ACL) configurations, this vulnerability could enable unauthenticated and authenticated users to use range query… |
| CVE-2022-36110 | — | High | 0.50 | 8.8 | 0.01 | | Sep 9, 2022 | Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run… |
| CVE-2024-21947 | — | High | 0.49 | 7.5 | 0.00 | | Sep 6, 2025 | Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level. |
| CVE-2025-22839 | — | High | 0.49 | 7.5 | 0.00 | | Aug 12, 2025 | Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. |
| CVE-2023-31343 | — | High | 0.49 | 7.5 | 0.00 | | Feb 11, 2025 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
| CVE-2023-31342 | — | High | 0.49 | 7.5 | 0.00 | | Feb 11, 2025 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
| CVE-2025-20111 | — | High | 0.48 | 7.4 | 0.00 | | Feb 26, 2025 | A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service… |
| CVE-2021-46747 | — | High | 0.46 | — | 0.00 | | Jun 1, 2026 | Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker with an untrusted user space application to map sensitive SMN (System Management Network) apertures leading to a potential escalation of privileges. |
| CVE-2024-52799 | — | High | 0.46 | 8.2 | 0.00 | | Nov 21, 2024 | Argo Workflows Chart is used to set up argo and its needed dependencies through one command. Prior to 0.44.0, the workflow-role has excessive privileges, the worst being create pods/exec, which will allow kubectl exec into any Pod in the same namespace, i.e. arbitrary code… |
| CVE-2025-20628 | — | Medium | 0.45 | — | 0.00 | | Apr 7, 2026 | An insufficient granularity of access control vulnerability exists in PingIDM (formerly ForgeRock Identity Management) where administrators cannot properly configure access rules for Remote Connector Servers (RCS) running in client mode. This means attackers can spoof a… |
| CVE-2024-39279 | — | Medium | 0.42 | 6.5 | 0.00 | | Feb 12, 2025 | Insufficient granularity of access control in UEFI firmware in some Intel(R) processors may allow an authenticated user to potentially enable denial of service via local access. |