CWE-269
Improper Privilege Management
Description
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-122 · CAPEC-233 · CAPEC-58
CVEs mapped to this weakness (1,039)
page 50 of 52| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-2023 | 0.00 | — | 0.01 | Jun 10, 2020 | Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata… | |||
| CVE-2020-7014 | 0.00 | — | 0.02 | Jun 3, 2020 | The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an… | |||
| CVE-2020-12689 | — | 0.00 | — | 0.02 | May 6, 2020 | An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer… | ||
| CVE-2020-7009 | 0.00 | — | 0.02 | Mar 31, 2020 | Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with… | |||
| CVE-2020-10793 | — | 0.00 | — | 0.02 | Mar 23, 2020 | CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should not be attributed to CodeIgniter. Furthermore, the blog post… | ||
| CVE-2020-10661 | — | 0.00 | — | 0.01 | Mar 23, 2020 | HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may, under certain circumstances, have existing nested-path policies grant access to Namespaces created after-the-fact. Fixed in 1.3.4. | ||
| CVE-2020-10660 | — | 0.00 | — | 0.01 | Mar 23, 2020 | HashiCorp Vault and Vault Enterprise versions 0.9.0 through 1.3.3 may, under certain circumstances, have an Entity's Group membership inadvertently include Groups the Entity no longer has permissions to. Fixed in 1.3.4. | ||
| CVE-2019-19023 | — | 0.00 | — | 0.02 | Mar 20, 2020 | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform. | ||
| CVE-2020-7938 | — | 0.00 | — | 0.01 | Jan 23, 2020 | plone.restapi in Plone 5.2.0 through 5.2.1 allows users with a certain privilege level to escalate their privileges up to the highest level. | ||
| CVE-2020-7941 | — | 0.00 | — | 0.02 | Jan 23, 2020 | A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT (overwrite) some content without needing write permission. | ||
| CVE-2019-16777 | 0.00 | — | 0.02 | Dec 13, 2019 | Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any… | |||
| CVE-2013-4251 | 0.00 | — | 0.00 | Nov 4, 2019 | The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. | |||
| CVE-2018-21025 | — | 0.00 | — | 0.03 | Oct 8, 2019 | In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files. | ||
| CVE-2019-12618 | — | 0.00 | — | 0.02 | Aug 12, 2019 | HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver. | ||
| CVE-2019-11328 | — | 0.00 | — | 0.02 | May 14, 2019 | An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing//… | ||
| CVE-2019-6287 | 0.00 | — | 0.01 | Apr 10, 2019 | In Rancher 2.0.0 through 2.1.5, project members have continued access to create, update, read, and delete namespaces in a project after they have been removed from it. | |||
| CVE-2019-3849 | 0.00 | — | 0.01 | Mar 26, 2019 | A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. Users could assign themselves an escalated role within courses or content accessed via LTI, by modifying the request to the LTI publisher site. | |||
| CVE-2018-11767 | 0.00 | — | 0.04 | Mar 18, 2019 | In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms. | |||
| CVE-2017-6924 | 0.00 | — | 0.02 | Jan 15, 2019 | In Drupal 8 prior to 8.3.7; When using the REST API, users without the correct permission can post comments via REST that are approved even if the user does not have permission to post approved comments. This issue only affects sites that have the RESTful Web Services (rest)… | |||
| CVE-2017-6925 | 0.00 | — | 0.03 | Jan 15, 2019 | In versions of Drupal 8 core prior to 8.3.7; There is a vulnerability in the entity access system that could allow unwanted access to view, create, update, or delete entities. This only affects entities that do not use or do not have UUIDs, and entities that have different… |
- CVE-2020-2023Jun 10, 2020risk 0.00cvss —epss 0.01
Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata…
- CVE-2020-7014Jun 3, 2020risk 0.00cvss —epss 0.02
The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an…
- CVE-2020-12689May 6, 2020risk 0.00cvss —epss 0.02
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer…
- CVE-2020-7009Mar 31, 2020risk 0.00cvss —epss 0.02
Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with…
- CVE-2020-10793Mar 23, 2020risk 0.00cvss —epss 0.02
CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should not be attributed to CodeIgniter. Furthermore, the blog post…
- CVE-2020-10661Mar 23, 2020risk 0.00cvss —epss 0.01
HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may, under certain circumstances, have existing nested-path policies grant access to Namespaces created after-the-fact. Fixed in 1.3.4.
- CVE-2020-10660Mar 23, 2020risk 0.00cvss —epss 0.01
HashiCorp Vault and Vault Enterprise versions 0.9.0 through 1.3.3 may, under certain circumstances, have an Entity's Group membership inadvertently include Groups the Entity no longer has permissions to. Fixed in 1.3.4.
- CVE-2019-19023Mar 20, 2020risk 0.00cvss —epss 0.02
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform.
- CVE-2020-7938Jan 23, 2020risk 0.00cvss —epss 0.01
plone.restapi in Plone 5.2.0 through 5.2.1 allows users with a certain privilege level to escalate their privileges up to the highest level.
- CVE-2020-7941Jan 23, 2020risk 0.00cvss —epss 0.02
A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT (overwrite) some content without needing write permission.
- CVE-2019-16777Dec 13, 2019risk 0.00cvss —epss 0.02
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any…
- CVE-2013-4251Nov 4, 2019risk 0.00cvss —epss 0.00
The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories.
- CVE-2018-21025Oct 8, 2019risk 0.00cvss —epss 0.03
In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files.
- CVE-2019-12618Aug 12, 2019risk 0.00cvss —epss 0.02
HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver.
- CVE-2019-11328May 14, 2019risk 0.00cvss —epss 0.02
An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing//…
- CVE-2019-6287Apr 10, 2019risk 0.00cvss —epss 0.01
In Rancher 2.0.0 through 2.1.5, project members have continued access to create, update, read, and delete namespaces in a project after they have been removed from it.
- CVE-2019-3849Mar 26, 2019risk 0.00cvss —epss 0.01
A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. Users could assign themselves an escalated role within courses or content accessed via LTI, by modifying the request to the LTI publisher site.
- CVE-2018-11767Mar 18, 2019risk 0.00cvss —epss 0.04
In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms.
- CVE-2017-6924Jan 15, 2019risk 0.00cvss —epss 0.02
In Drupal 8 prior to 8.3.7; When using the REST API, users without the correct permission can post comments via REST that are approved even if the user does not have permission to post approved comments. This issue only affects sites that have the RESTful Web Services (rest)…
- CVE-2017-6925Jan 15, 2019risk 0.00cvss —epss 0.03
In versions of Drupal 8 core prior to 8.3.7; There is a vulnerability in the entity access system that could allow unwanted access to view, create, update, or delete entities. This only affects entities that do not use or do not have UUIDs, and entities that have different…