CWE-269
Improper Privilege Management
Description
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-122 · CAPEC-233 · CAPEC-58
CVEs mapped to this weakness (1,039)
page 31 of 52| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-1134 | — | Med | 0.42 | 6.5 | 0.01 | May 25, 2018 | An issue was discovered in Moodle 3.x. Students who submitted assignments and exported them to portfolios can download any stored Moodle file by changing the download URL. | |
| CVE-2017-10690 | Med | 0.42 | 6.5 | 0.01 | Feb 9, 2018 | In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4 | ||
| CVE-2018-0010 | Med | 0.42 | 6.5 | 0.01 | Jan 10, 2018 | A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. Affected releases are all versions of Junos Space Security Director prior to… | ||
| CVE-2017-1000156 | Med | 0.42 | 6.5 | 0.01 | Nov 3, 2017 | Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to a group's configuration page being editable by any group member even when they didn't have the admin role. | ||
| CVE-2017-15917 | Med | 0.42 | 6.5 | 0.01 | Oct 26, 2017 | In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create a Map as a read-only user, by forging a request and sending it to the server. | ||
| CVE-2017-1000104 | Med | 0.42 | 6.5 | 0.01 | Oct 5, 2017 | The Config File Provider Plugin is used to centrally manage configuration files that often include secrets, such as passwords. Users with only Overall/Read access to Jenkins were able to access URLs directly that allowed viewing these files. Access to view these files now… | ||
| CVE-2017-8447 | Med | 0.42 | 6.5 | 0.01 | Sep 29, 2017 | An error was found in the X-Pack Security 5.3.0 to 5.5.2 privilege enforcement. If a user has either 'delete' or 'index' permissions on an index in a cluster, they may be able to issue both delete and index requests against that index. | ||
| CVE-2017-12422 | Med | 0.42 | 6.5 | 0.02 | Aug 29, 2017 | NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3.0.4, and 10.4.x before 10.4.0.2 allow remote authenticated users to delete arbitrary objects via unspecified vectors. | ||
| CVE-2017-10103 | Med | 0.42 | 6.5 | 0.02 | Aug 8, 2017 | Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with… | ||
| CVE-2017-7916 | Med | 0.42 | 6.5 | 0.01 | Aug 7, 2017 | A Permissions, Privileges, and Access Controls issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. The web application does not properly restrict privileges of the Guest account. A… | ||
| CVE-2016-8219 | Med | 0.42 | 6.5 | 0.01 | Jun 13, 2017 | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI-release versions prior to 1.12.0. A user with the SpaceAuditor role is over-privileged with the ability to restage applications. This could cause application downtime if the restage… | ||
| CVE-2016-2192 | Med | 0.42 | 6.5 | 0.01 | Jun 6, 2017 | PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to alter type mappings for types they do not own. | ||
| CVE-2016-0767 | Med | 0.42 | 6.5 | 0.01 | Jun 6, 2017 | PostgreSQL PL/Java before 1.5.0 allows remote authenticated users with USAGE permission on the public schema to alter the public schema classpath. | ||
| CVE-2017-0310 | Med | 0.42 | 6.5 | 0.00 | Feb 15, 2017 | All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper access controls allowing unprivileged user to cause a denial of service. | ||
| CVE-2017-5572 | Med | 0.42 | 6.5 | 0.01 | Jan 30, 2017 | An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can corrupt the host database. | ||
| CVE-2017-3257 | Med | 0.42 | 6.5 | 0.03 | Jan 27, 2017 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols… | ||
| CVE-2016-10010 | Hig | 0.42 | 7.0 | 0.04 | Jan 5, 2017 | sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c. | ||
| CVE-2025-9912 | Med | 0.41 | 6.3 | 0.00 | Jun 16, 2026 | Nokia SR Linux is vulnerable to a local privilege escalation vulnerability. Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary commands with superuser privilege. | ||
| CVE-2026-11308 | Med | 0.41 | 6.3 | 0.00 | Jun 5, 2026 | Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. (Chromium security severity: Low) | ||
| CVE-2026-10217 | Med | 0.41 | 6.3 | 0.00 | Jun 1, 2026 | A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/tts_config.go of the component RoleAdmin Gateway. This manipulation causes improper privilege management. Remote exploitation of the attack is… |
- risk 0.42cvss 6.5epss 0.01
An issue was discovered in Moodle 3.x. Students who submitted assignments and exported them to portfolios can download any stored Moodle file by changing the download URL.
- risk 0.42cvss 6.5epss 0.01
In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4
- risk 0.42cvss 6.5epss 0.01
A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. Affected releases are all versions of Junos Space Security Director prior to…
- risk 0.42cvss 6.5epss 0.01
Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to a group's configuration page being editable by any group member even when they didn't have the admin role.
- risk 0.42cvss 6.5epss 0.01
In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create a Map as a read-only user, by forging a request and sending it to the server.
- risk 0.42cvss 6.5epss 0.01
The Config File Provider Plugin is used to centrally manage configuration files that often include secrets, such as passwords. Users with only Overall/Read access to Jenkins were able to access URLs directly that allowed viewing these files. Access to view these files now…
- risk 0.42cvss 6.5epss 0.01
An error was found in the X-Pack Security 5.3.0 to 5.5.2 privilege enforcement. If a user has either 'delete' or 'index' permissions on an index in a cluster, they may be able to issue both delete and index requests against that index.
- risk 0.42cvss 6.5epss 0.02
NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3.0.4, and 10.4.x before 10.4.0.2 allow remote authenticated users to delete arbitrary objects via unspecified vectors.
- risk 0.42cvss 6.5epss 0.02
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with…
- risk 0.42cvss 6.5epss 0.01
A Permissions, Privileges, and Access Controls issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. The web application does not properly restrict privileges of the Guest account. A…
- risk 0.42cvss 6.5epss 0.01
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI-release versions prior to 1.12.0. A user with the SpaceAuditor role is over-privileged with the ability to restage applications. This could cause application downtime if the restage…
- risk 0.42cvss 6.5epss 0.01
PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to alter type mappings for types they do not own.
- risk 0.42cvss 6.5epss 0.01
PostgreSQL PL/Java before 1.5.0 allows remote authenticated users with USAGE permission on the public schema to alter the public schema classpath.
- risk 0.42cvss 6.5epss 0.00
All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper access controls allowing unprivileged user to cause a denial of service.
- risk 0.42cvss 6.5epss 0.01
An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can corrupt the host database.
- risk 0.42cvss 6.5epss 0.03
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols…
- risk 0.42cvss 7.0epss 0.04
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
- risk 0.41cvss 6.3epss 0.00
Nokia SR Linux is vulnerable to a local privilege escalation vulnerability. Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary commands with superuser privilege.
- risk 0.41cvss 6.3epss 0.00
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. (Chromium security severity: Low)
- risk 0.41cvss 6.3epss 0.00
A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/tts_config.go of the component RoleAdmin Gateway. This manipulation causes improper privilege management. Remote exploitation of the attack is…