VYPR

CWE-269

Improper Privilege Management

Abstraction: Class · Status: Draft · Likelihood of Exploit: Medium

Description

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-122 · CAPEC-233 · CAPEC-58

CVEs mapped to this weakness (1,039)

page 39 of 52
  • CVE-2024-43446 · Low · Jan 27, 2025
    risk 0.23 · cvss 3.5 · epss 0.00

    An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions. This issue affects: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * ((OTRS)) Community…

  • CVE-2020-1938 · KEV · Feb 24, 2020
    risk 0.23 · cvss (not listed) · epss 0.99

    When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be…

  • CVE-2026-41330 · Med · Apr 21, 2026
    risk 0.22 · cvss 4.4 · epss 0.00

    OpenClaw before 2026.3.31 contains an environment variable override vulnerability in host exec policy that fails to properly enforce proxy, TLS, Docker, and Git TLS controls. Attackers can bypass security controls by overriding environment variables to circumvent proxy settings,…

  • CVE-2026-28586 · Low · Jun 1, 2026
    risk 0.21 · cvss 3.3 · epss 0.00

    In multiple functions of AppOpsService.java, there is a possible missing permission check due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2026-0050 · Low · Jun 1, 2026
    risk 0.21 · cvss 3.3 · epss 0.00

    In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2026-0016 · Low · Jun 1, 2026
    risk 0.21 · cvss 3.3 · epss 0.00

    In updateProvidersWhenServiceRemoved of CredentialManagerService.java, there is a possible way to override settings across users due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not…

  • CVE-2026-8327 · Med · May 21, 2026
    risk 0.21 · cvss 4.3 · epss 0.00

    Concrete CMS below 9.5.0 and below is vulnerable to password change without reauthorization and session-hardening bypass. The user-profile edit controller passes the entire raw POST array to UserInfo::update() without field whitelisting resulting in password change without…

  • CVE-2026-31369 · Low · Apr 21, 2026
    risk 0.21 · cvss 3.2 · epss 0.00

    PcManager is affected by a type privilege bypass; successful exploitation of this vulnerability may affect service availability.

  • CVE-2024-23253 · Low · Mar 8, 2024
    risk 0.21 · cvss 3.3 · epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.4. An app may be able to access a user's Photos Library.

  • CVE-2017-2662 · Med · Aug 22, 2018
    risk 0.21 · cvss 4.3 · epss 0.01

    A flaw was found in Foreman's katello plugin version 3.4.5. After setting a new role to allow restricted access on a repository with a filter (filter set on the Product Name), the filter is not respected when the actions are done via hammer using the repository id.

  • CVE-2017-5084 · Low · Oct 27, 2017
    risk 0.21 · cvss 3.3 · epss 0.00

    Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint.

  • CVE-2017-6954 · Med · Mar 17, 2017
    risk 0.21 · cvss 4.3 · epss 0.01

    An issue was discovered in includes/component.php in the BuddyPress Docs plugin before 1.9.3 for WordPress. It is possible for authenticated users to edit documents of other users without proper permissions.

  • CVE-2026-53862 · Med · Jun 16, 2026
    risk 0.20 · cvss 4.2 · epss 0.00

    OpenClaw before 2026.5.12 contains a bootstrap token replay vulnerability allowing callers with pending token access to reuse tokens with broader requested scopes. Attackers can replay bootstrap tokens before approval to escalate pairing authority beyond intended scope limits.

  • CVE-2026-46424 · Med · May 27, 2026
    risk 0.20 · cvss 4.2 · epss 0.00

    Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint (POST /api/public/v1/roles/unassign) updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication…

  • CVE-2017-1150 · Low · Mar 8, 2017
    risk 0.20 · cvss 3.1 · epss 0.01

    IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated attacker with specialized access to tables that they should not be permitted to view. IBM Reference #: 1999515.

  • CVE-2026-44987 · Low · May 8, 2026
    risk 0.18 · cvss 3.8 · epss 0.00

    SysReptor is a fully customizable pentest reporting platform. Prior to version 2026.29, users with "User Admin" permissions can change the email addresses of users with "Superuser" permissions. If the SysReptor installation has the "Forgot Password" functionality enabled…

  • CVE-2024-29210 · Low · May 7, 2024
    risk 0.18 · cvss 2.8 · epss 0.00

    A local privilege escalation (LPE) vulnerability has been identified in Phish Alert Button for Outlook (PAB), specifically within its configuration management functionalities. This vulnerability allows a regular user to modify the application's configuration file to redirect…

  • CVE-2024-39302 · Low · Jun 28, 2024
    risk 0.17 · cvss 3.7 · epss 0.00

    BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the `/usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0` directory with the goal…

  • CVE-2017-10292 · Low · Oct 19, 2017
    risk 0.15 · cvss 2.3 · epss 0.00

    Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create User privilege with logon to the infrastructure where…

  • CVE-2025-57840 · Low · Dec 24, 2025
    risk 0.14 · cvss 2.2 · epss 0.00

    ADB (Android Debug Bridge) is affected by a type privilege bypass; successful exploitation of this vulnerability may affect service availability.