VYPR

CWE-269

Improper Privilege Management

ClassDraftLikelihood: Medium

Description

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-122 · CAPEC-233 · CAPEC-58

CVEs mapped to this weakness (1,039)

page 52 of 52
  • CVE-2014-3499Jul 11, 2014
    risk 0.00cvss epss 0.00

    Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

  • CVE-2014-3476Jun 17, 2014
    risk 0.00cvss epss 0.02

    OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a (1) trust or (2) OAuth token with impersonation enabled to create…

  • CVE-2014-0185May 6, 2014
    risk 0.00cvss epss 0.01

    sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client.

  • CVE-2014-1526Apr 30, 2014
    risk 0.00cvss epss 0.02

    The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods…

  • CVE-2014-1520Apr 30, 2014
    risk 0.00cvss epss 0.00

    maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update…

  • CVE-2013-6391Dec 14, 2013
    risk 0.00cvss epss 0.02

    The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and…

  • CVE-2011-4941Sep 18, 2012
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Piwik 1.2 through 1.4 allows remote attackers with the view permission to execute arbitrary code via unknown attack vectors.

  • CVE-2012-1053May 29, 2012
    risk 0.00cvss epss 0.00

    The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain…

  • CVE-2011-3054Mar 22, 2012
    risk 0.00cvss epss 0.02

    The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

  • CVE-2011-4356Dec 5, 2011
    risk 0.00cvss epss 0.00

    Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via…

  • CVE-2011-3898Nov 11, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request user confirmation before applet execution begins, which allows remote attackers to have an unspecified impact via a crafted applet.

  • CVE-2011-2674Oct 2, 2011
    risk 0.00cvss epss 0.01

    BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors.

  • CVE-2011-1526Jul 11, 2011
    risk 0.00cvss epss 0.04

    ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read…

  • CVE-2007-6741Oct 19, 2010
    risk 0.00cvss epss 0.02

    The ftp_PORT function in FTPServer.py in pyftpdlib before 0.2.0 does not prevent TCP connections to privileged ports if the destination IP address matches the source IP address of the connection from the FTP client, which might allow remote authenticated users to conduct FTP…

  • CVE-2009-2848Aug 18, 2009
    risk 0.00cvss epss 0.01

    The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with…

  • CVE-2008-2271May 16, 2008
    risk 0.00cvss epss 0.02

    The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote authenticated users to gain privileges of other users by leveraging the "access content" permission to list tables and obtain session IDs from the database.

  • CVE-2007-2444May 14, 2007
    risk 0.00cvss epss 0.01

    Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.

  • CVE-2004-1349Oct 4, 2004
    risk 0.00cvss epss 0.01

    gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files.

  • CVE-2002-0080Mar 15, 2002
    risk 0.00cvss epss 0.01

    rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.