VYPR

CWE-269

Improper Privilege Management

Abstraction: Class · Status: Draft · Likelihood: Medium

Description

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-122 · CAPEC-233 · CAPEC-58

CVEs mapped to this weakness (1,039)

page 48 of 52
  • CVE-2022-23118 (Jan 12, 2022)
    risk 0.00 · cvss n/a · epss 0.02

    Jenkins Debian Package Builder Plugin 1.6.11 and earlier implements functionality that allows agents to invoke command-line `git` at an attacker-specified path on the controller, allowing attackers able to control agent processes to invoke arbitrary OS commands on the controller.

  • CVE-2022-23117 (Jan 12, 2022)
    risk 0.00 · cvss n/a · epss 0.01

    Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to retrieve all username/password credentials stored on the Jenkins controller.

  • CVE-2022-0144 (Jan 11, 2022)
    risk 0.00 · cvss n/a · epss 0.00

    shelljs is vulnerable to Improper Privilege Management

  • CVE-2021-43835 (Dec 15, 2021)
    risk 0.00 · cvss n/a · epss 0.01

    Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions Sulu users who have access to any subset of the admin UI are able to elevate their privilege. Over the API it was possible for them to give themselves permissions to areas…

  • CVE-2021-37941 (Dec 8, 2021)
    risk 0.00 · cvss n/a · epss 0.00

    A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. Using this vector, a malicious or compromised user account could use the agent to run commands at a…

  • CVE-2021-28680 (Dec 7, 2021)
    risk 0.00 · cvss n/a · epss 0.01

    The devise_masquerade gem before 1.3 allows certain attacks when a password's salt is unknown. An application that uses this gem to let administrators masquerade/impersonate users loses one layer of security protection compared to a situation where Devise (without this…

  • CVE-2021-22966 (Nov 19, 2021)
    risk 0.00 · cvss n/a · epss 0.01

    Privilege escalation from Editor to Admin using Groups in Concrete CMS versions 8.5.6 and below. If a group is granted "view" permissions on the bulkupdate page, then users in that group can escalate to being an administrator with a specially crafted curl. Fixed by adding a…

  • CVE-2021-41802 (Oct 8, 2021)
    risk 0.00 · cvss n/a · epss 0.01

    HashiCorp Vault and Vault Enterprise through 1.7.4 and 1.8.3 allowed a user with write permission to an entity alias ID sharing a mount accessor with another user to acquire this other user’s policies by merging their identities. Fixed in Vault and Vault Enterprise 1.7.5 and…

  • CVE-2021-39192 (Sep 3, 2021)
    risk 0.00 · cvss n/a · epss 0.01

    Ghost is a Node.js content management system. An error in the implementation of the limits service between versions 4.0.0 and 4.9.4 allows all authenticated users (including contributors) to view admin-level API keys via the integrations API endpoint, leading to a privilege…

  • CVE-2021-39167 (Aug 26, 2021)
    risk 0.00 · cvss n/a · epss 0.02

    OpenZeppelin is a library for smart contract development. In affected versions a vulnerability in TimelockController allowed an actor with the executor role to escalate privileges. Further details about the vulnerability will be disclosed at a later date. As a workaround revoke…

  • CVE-2021-39168 (Aug 26, 2021)
    risk 0.00 · cvss n/a · epss 0.02

    OpenZeppelin is a library for smart contract development. In affected versions a vulnerability in TimelockController allowed an actor with the executor role to escalate privileges. Further details about the vulnerability will be disclosed at a later date. As a workaround revoke…

  • CVE-2021-37627 (Aug 11, 2021)
    risk 0.00 · cvss n/a · epss 0.01

    Contao is an open source CMS that allows creation of websites and scalable web applications. In affected versions it is possible to gain privileged rights in the Contao back end. Installations are only affected if they have untrusted back end users who have access to the form…

  • CVE-2021-33335 (Aug 3, 2021)
    risk 0.00 · cvss n/a · epss 0.01

    Privilege escalation vulnerability in Liferay Portal 7.0.3 through 7.3.4, and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 9 allows remote authenticated users with permission to update/edit users to take over a company administrator user account by editing the…

  • CVE-2021-34802 (Jul 27, 2021)
    risk 0.00 · cvss n/a · epss 0.01

    A failure in resetting the security context in some transaction actions in Neo4j Graph Database 4.2 and 4.3 could allow authenticated users to execute commands with elevated privileges.

  • CVE-2020-1742 (Jun 7, 2021)
    risk 0.00 · cvss n/a · epss 0.00

    An insecure modification vulnerability flaw was found in containers using nmstate/kubernetes-nmstate-handler. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Versions before kubernetes-nmstate-handler-container-v2.…

  • CVE-2021-22118 (May 27, 2021)
    risk 0.00 · cvss n/a · epss 0.00

    In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been…

  • CVE-2021-31155 (May 27, 2021)
    risk 0.00 · cvss n/a · epss 0.00

    Failure to normalize the umask in please before 0.4 allows a local attacker to gain full root privileges if they are allowed to execute at least one command.

  • CVE-2021-21430 (May 10, 2021)
    risk 0.00 · cvss n/a · epss 0.00

    OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave…

  • CVE-2021-21428 (May 10, 2021)
    risk 0.00 · cvss n/a · epss 0.00

    OpenAPI Generator is a Java tool which allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the…

  • CVE-2021-29452 (Apr 16, 2021)
    risk 0.00 · cvss n/a · epss 0.01

    a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0. This feature should only have been accessible to admins. Unfortunately, privileges were incorrectly checked allowing any logged…