CWE-269
Improper Privilege Management
Description
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
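As an added illustration (not code from the CWE page or from any vendor listed below), the following Python shows a common shape of this weakness in a web application: a profile-update handler that lets the request body decide the caller's role, beside a hardened version that derives authority only from the actor's stored privileges and validates every field it will write. The handler, the role names, the in-memory `User` record and the sample request are all assumptions made for the example.

```python
"""
Added example for CWE-269 (hypothetical code, not from the CWE page or any
listed product). Two versions of a profile-update handler:

  update_profile_vulnerable  - copies every submitted field onto the user
                               record, including the privilege-bearing
                               'role' field (mass assignment).
  update_profile             - allow-lists writable fields and decides
                               authority from the actor's stored role.
"""
from dataclasses import dataclass

# Assumed role hierarchy for the example; higher rank = more privilege.
ROLE_RANK = {"subscriber": 0, "agent": 1, "admin": 2}


@dataclass
class User:
    username: str
    role: str
    email: str = ""
    display_name: str = ""


class PermissionDenied(Exception):
    pass


# --- vulnerable: the request body is trusted to name the fields to write ---
def update_profile_vulnerable(actor: User, submitted: dict) -> User:
    """Every key in the submitted JSON is written to the record, so a low
    privilege 'agent' who sends {"role": "admin"} becomes an administrator."""
    for key, value in submitted.items():
        setattr(actor, key, value)
    return actor


# --- hardened: privilege is checked from stored state, never from input ---
SELF_EDITABLE = frozenset({"email", "display_name"})   # fields a user may change


def update_profile(actor: User, target: User, submitted: dict) -> User:
    """Rules, all evaluated before any write so a refused request changes nothing:
      * unknown keys are rejected rather than silently applied;
      * only admins may edit someone else's account;
      * only admins may change a role, never their own, and never to a
        rank above the one they themselves hold."""
    unknown = set(submitted) - SELF_EDITABLE - {"role"}
    if unknown:
        raise ValueError(f"unexpected fields: {sorted(unknown)}")
    if actor.username != target.username and actor.role != "admin":
        raise PermissionDenied("only admins may edit other accounts")
    if "role" in submitted:
        new_role = submitted["role"]
        if new_role not in ROLE_RANK:
            raise ValueError(f"unknown role: {new_role!r}")
        if actor.role != "admin":
            raise PermissionDenied("role changes require admin")
        if actor.username == target.username:
            raise PermissionDenied("admins may not change their own role")
        if ROLE_RANK[new_role] > ROLE_RANK[actor.role]:
            raise PermissionDenied("cannot grant a role above your own")
        target.role = new_role
    for key in SELF_EDITABLE & set(submitted):
        setattr(target, key, submitted[key])
    return target


def demo() -> dict:
    """Runs both handlers on a constructed attacker request and reports the
    resulting role of the caller under each."""
    # Constructed request from an authenticated 'agent' trying to self-promote.
    request = {"display_name": "Mallory", "role": "admin"}

    victim = User("mallory", "agent")
    vulnerable_role = update_profile_vulnerable(victim, dict(request)).role

    agent = User("mallory", "agent")
    try:
        update_profile(agent, agent, dict(request))
        outcome = "applied"
    except PermissionDenied as exc:
        outcome = f"denied: {exc}"
    return {
        "vulnerable_role": vulnerable_role,   # "admin": escalation succeeded
        "hardened_role": agent.role,          # "agent": unchanged
        "hardened_outcome": outcome,
    }


if __name__ == "__main__":
    print(demo())
```

The point of the hardened version is the order of operations: every privilege decision reads `actor.role` from the stored record, all checks run before any field is written, and fields that are not explicitly allow-listed are refused instead of ignored, so a new privilege-bearing column added later cannot quietly become writable.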
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-122 · CAPEC-233 · CAPEC-58
CVEs mapped to this weakness (1,039)
page 28 of 52

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-8176 | | High | 0.49 | 7.5 | 0.00 | | Jun 16, 2026 | The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation to Administrator in versions up to, and including, 5.5.1. The plugin chains three independent flaws that together allow an authenticated Agent… |
| CVE-2026-11296 | | High | 0.49 | 7.5 | 0.00 | | Jun 5, 2026 | Inappropriate implementation in ImageCapture in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low) |
| CVE-2026-23663 | | High | 0.49 | 7.5 | 0.01 | | May 22, 2026 | Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network. |
| CVE-2026-28976 | — | High | 0.49 | 7.5 | 0.00 | | May 11, 2026 | An information leakage was addressed with additional validation. This issue is fixed in macOS Tahoe 26.5. An app may be able to gain root privileges. |
| CVE-2026-3621 | | High | 0.49 | 7.5 | 0.00 | | Apr 23, 2026 | IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.4 is vulnerable to identity spoofing under limited conditions when an application is deployed without authentication and authorization configured. |
| CVE-2025-13292 | | High | 0.49 | — | 0.00 | | Dec 6, 2025 | A vulnerability in Apigee-X allowed an attacker to gain unauthorized read and write access to Apigee Analytics (AX) data and access logs belonging to other Apigee customer organizations. This vulnerability was patched in… |
| CVE-2025-66314 | | High | 0.49 | 7.5 | 0.00 | | Nov 27, 2025 | Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects ElasticNet UME R32: ElasticNet_UME_R32_V16.23.20.04. |
| CVE-2025-1037 | | High | 0.49 | — | 0.00 | | Oct 28, 2025 | By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with the ability to run user level shell commands can enable access via secure shell (SSH) to an unrestricted root shell. This is possible through abuse of a particular set of scripts and… |
| CVE-2025-9038 | | High | 0.49 | — | 0.00 | | Sep 22, 2025 | Improper Privilege Management vulnerability in GE Vernova S1 Agile Configuration Software on Windows allows Privilege Escalation. This issue affects S1 Agile Configuration Software: 3.1 and previous versions. |
| CVE-2024-11218 | | High | 0.49 | 8.6 | 0.00 | | Jan 22, 2025 | A vulnerability was found in `podman build` and `buildah`. This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and… |
| CVE-2024-46549 | | High | 0.49 | 7.6 | 0.00 | | Sep 30, 2024 | An issue in the TP-Link MQTT Broker and API gateway of TP-Link Kasa KP125M v1.0.3 allows attackers to establish connections by impersonating devices owned by other users. |
| CVE-2024-41228 | | High | 0.49 | 7.6 | 0.00 | | Sep 23, 2024 | A symlink following vulnerability in the pouch cp function of AliyunContainerService pouch v1.3.1 allows attackers to escalate privileges and write arbitrary files. |
| CVE-2024-39206 | — | High | 0.49 | 7.5 | 0.00 | | Jul 2, 2024 | An issue discovered in MSP360 Backup Agent v7.8.5.15 and v7.9.4.84 allows attackers to obtain network share credentials used in a backup due to enginesettings.list being encrypted with a hard-coded key. |
| CVE-2024-4988 | | High | 0.49 | 7.5 | 0.00 | | May 21, 2024 | The mobile application (com.transsion.videocallenhancer) interface has improper permission control, which can lead to the risk of private file leakage. |
| CVE-2024-31237 | | High | 0.49 | 7.5 | 0.00 | | May 17, 2024 | Improper Privilege Management vulnerability in WP Sharks s2Member Pro allows Privilege Escalation. This issue affects s2Member Pro: from n/a through 240315. |
| CVE-2023-23990 | | High | 0.49 | 7.6 | 0.01 | | May 17, 2024 | Improper Privilege Management vulnerability in Qube One Ltd. Redirection for Contact Form 7 (wpcf7-redirect) allows Privilege Escalation. This issue affects Redirection for Contact Form 7: from n/a through 2.7.0. |
| CVE-2024-33398 | | High | 0.49 | 7.5 | 0.01 | | May 3, 2024 | There is a ClusterRole in piraeus-operator v2.5.0 and earlier which has been granted list secrets permission, which allows an attacker to impersonate the service account bound to this ClusterRole and use its high-risk privileges to list confidential information across the… |
| CVE-2023-33966 | | High | 0.49 | 8.6 | 0.01 | | May 31, 2023 | Deno is a runtime for JavaScript and TypeScript. In deno 1.34.0 and deno_runtime 0.114.0, outbound HTTP requests made using the built-in `node:http` or `node:https` modules are incorrectly not checked against the network permission allow list (`--allow-net`). Dependencies… |
| CVE-2021-3283 | — | High | 0.49 | 7.5 | 0.01 | | Feb 1, 2021 | HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks on the same node. Fixed in 0.12.10 and 1.0.3. |
| CVE-2018-5166 | | High | 0.49 | 7.5 | 0.02 | | Jun 11, 2018 | WebExtensions can use request redirection and a "filterResponseData" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have explicit user permission. This vulnerability affects Firefox < 60. |