VYPR

CWE-269

Improper Privilege Management

ClassDraftLikelihood: Medium

Description

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-122 · CAPEC-233 · CAPEC-58

CVEs mapped to this weakness (1,039)

page 13 of 52
  • CVE-2018-11786HigSep 18, 2018
    risk 0.57cvss 8.8epss 0.02

    In Apache Karaf prior to 4.2.0 release, if the sshd service in Karaf is left on so an administrator can manage the running instance, any user with rights to the Karaf console can pivot and read/write any file on the file system to which the Karaf process user has access. This…

  • CVE-2018-1000648HigAug 20, 2018
    risk 0.57cvss 8.8epss 0.03

    LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Write vulnerability in Patient file letter functions that can result in Write files with malicious content and may lead to remote code execution. This attack appear to be exploitable via User…

  • CVE-2018-0613HigJul 26, 2018
    risk 0.57cvss 8.8epss 0.01

    NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A…

  • CVE-2018-0343HigJul 18, 2018
    risk 0.57cvss 8.8epss 0.02

    A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary code with vmanage user privileges or cause a denial of service (DoS) condition on an affected system. The vulnerability is…

  • CVE-2016-9489HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.02

    In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e. changing their group to one with higher privileges like "ADMIN". A user is also able to change properties of another…

  • CVE-2018-4845HigJun 26, 2018
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products),…

  • CVE-2018-11190HigJun 2, 2018
    risk 0.57cvss 8.8epss 0.03

    Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 2 of 6).

  • CVE-2018-11323HigMay 22, 2018
    risk 0.57cvss 8.8epss 0.03

    An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to modify the access levels of user groups with higher permissions.

  • CVE-2018-8853HigMay 4, 2018
    risk 0.57cvss 8.8epss 0.00

    Philips Brilliance CT devices operate user functions from within a contained kiosk in a Microsoft Windows operating system. Windows boots by default with elevated Windows privileges, enabling a kiosk application, user, or an attacker to potentially attain unauthorized elevated…

  • CVE-2018-10168HigMay 3, 2018
    risk 0.57cvss 8.8epss 0.02

    TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows do not control privileges for usage of the Web API, allowing a low-privilege user to make any request as an Administrator. This is fixed in version 2.6.1_Windows.

  • CVE-2018-10172HigApr 16, 2018
    risk 0.57cvss 8.8epss 0.00

    7-Zip through 18.01 on Windows implements the "Large memory pages" option by calling the LsaAddAccountRights function to add the SeLockMemoryPrivilege privilege to the user's account, which makes it easier for attackers to bypass intended access restrictions by using this…

  • CVE-2017-0935HigMar 22, 2018
    risk 0.57cvss 8.8epss 0.01

    Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator (read-only) account could…

  • CVE-2017-0934HigMar 22, 2018
    risk 0.57cvss 8.8epss 0.01

    Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator (read-only) account could escalate…

  • CVE-2017-0932HigMar 22, 2018
    risk 0.57cvss 8.8epss 0.01

    Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of validation on the input of the Feature functionality. An attacker with access to an operator (read-only) account and ssh connection to the devices…

  • CVE-2017-5736HigMar 20, 2018
    risk 0.57cvss 8.8epss 0.00

    An elevation of privilege in Intel Software Guard Extensions Platform Software Component before 1.9.105.42329 allows a local attacker to execute arbitrary code as administrator.

  • CVE-2017-15536HigFeb 5, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0. Several web application vulnerabilities allow malicious authenticated users of CDSW to escalate privileges in CDSW. CDSW users can exploit these vulnerabilities in combination to gain root access…

  • CVE-2018-5706HigJan 16, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in Octopus Deploy before 4.1.9. Any user with user editing permissions can modify teams to give themselves Administer System permissions even if they didn't have them, as demonstrated by use of the RoleEdit or TeamEdit permission.

  • CVE-2018-4862HigJan 3, 2018
    risk 0.57cvss 8.8epss 0.01

    In Octopus Deploy versions 3.2.11 - 4.1.5 (fixed in 4.1.6), an authenticated user with ProcessEdit permission could reference an Azure account in such a way as to bypass the scoping restrictions, resulting in a potential escalation of privileges.

  • CVE-2017-17384HigDec 7, 2017
    risk 0.57cvss 8.8epss 0.01

    ISPConfig 3.x before 3.1.9 allows remote authenticated users to obtain root access by creating a crafted cron job.

  • CVE-2017-8448HigSep 29, 2017
    risk 0.57cvss 8.8epss 0.01

    An error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users mapped to certain built-in roles could create a watch that results in that user gaining elevated privileges.