CWE-269: Improper Privilege Management
4,227 active CVEs are classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE.
CVEs classified under CWE-269 (page 41 of 85)
- CVE-2021-29802 | HIGH | CVSS 7.5 | EG 7.5 | 2021-08-23
IBM Security SOAR performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
- CVE-2021-29824 | MEDIUM | CVSS 4.3 | EG 4.3 | 2022-04-22
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to privilege escalation where a lower level user could have read access to the 'Data Connections' page to which they don't have access. IBM X-Force ID: 204468.
- CVE-2021-29951 | MEDIUM | CVSS 6.5 | EG 6.5 | 2021-06-24
The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operati…
- CVE-2021-30132 | CRITICAL | CVSS 9.8 | EG 9.8 | 2021-11-08
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.
- CVE-2021-30152 | MEDIUM | CVSS 4.3 | EG 4.3 | 2021-04-09
An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When using the MediaWiki API to "protect" a page, a user is currently able to protect to a higher level than they currently have permissions for.
- CVE-2021-3020 | HIGH | CVSS 8.8 | EG 8.8 | 2022-08-26
An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This allows the hacluster user to invoke certain …
- CVE-2021-30349 | HIGH | CVSS 8.2 | EG 6.7 | 2022-06-14
Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…
- CVE-2021-30355 | HIGH | CVSS 8.6 | EG 8.6 | 2021-09-01
Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root.
- CVE-2021-30462 | HIGH | CVSS 7.2 | EG 7.2 | 2021-04-08
VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts.
- CVE-2021-30478 | MEDIUM | CVSS 4.3 | EG 4.3 | 2021-04-15
An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the can_forge_sender permission (previously is_api_super_user) resulted in users with this permission being able to send messages appearing as if sent by a …
- CVE-2021-30479 | MEDIUM | CVSS 5.3 | EG 5.3 | 2021-04-15
An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the all_public_streams API feature resulted in guest users being able to receive message traffic to public streams that should have been only accessible to …
- CVE-2021-30724 | HIGH | CVSS 7.8 | EG 7.8 | 2021-09-08
This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A local attacker may be able to…
- CVE-2021-30772 | HIGH | CVSS 7.8 | EG 7.8 | 2021-09-08
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to gain root privileges.
- CVE-2021-30829 | HIGH | CVSS 7.8 | EG 7.8 | 2021-10-19
A URI parsing issue was addressed with improved parsing. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to execute arbitrary files.
- CVE-2021-3100 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-19
The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.1-13 didn’t mimic the permissions of the JVM being patched, allowing it to escalate privileges.
- CVE-2021-3101 | HIGH | CVSS 8.8 | EG 8.8 | 2022-04-19
Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux label of the target JVM process. This would allow a container to gain full privileges on the host, bypassing restrictions set on the container.
- CVE-2021-31165 | HIGH | CVSS 7.8 | EG 7.8 | 2021-05-11
Windows Container Manager Service Elevation of Privilege Vulnerability
- CVE-2021-31167 | HIGH | CVSS 7.8 | EG 7.8 | 2021-05-11
Windows Container Manager Service Elevation of Privilege Vulnerability
- CVE-2021-31168 | HIGH | CVSS 7.8 | EG 7.8 | 2021-05-11
Windows Container Manager Service Elevation of Privilege Vulnerability
- CVE-2021-31169 | HIGH | CVSS 7.8 | EG 7.8 | 2021-05-11
Windows Container Manager Service Elevation of Privilege Vulnerability
- CVE-2021-31170 | HIGH | CVSS 7.8 | EG 7.8 | 2021-05-11
Windows Graphics Component Elevation of Privilege Vulnerability
- CVE-2021-31187 | HIGH | CVSS 7.8 | EG 7.8 | 2021-05-11
Windows WalletService Elevation of Privilege Vulnerability
- CVE-2021-31188 | HIGH | CVSS 7.8 | EG 5.5 | 2021-05-11
Windows Graphics Component Elevation of Privilege Vulnerability
- CVE-2021-31190 | HIGH | CVSS 7.8 | EG 7.8 | 2021-05-11
Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability
- CVE-2021-31193 | HIGH | CVSS 7.8 | EG 7.8 | 2021-05-11
Windows SSDP Service Elevation of Privilege Vulnerability
- CVE-2021-31199 | MEDIUM | CVSS 5.2 | EG 9.0 | ⚠ KEV | 2021-06-08
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
- CVE-2021-31201 | MEDIUM | CVSS 5.2 | EG 9.0 | ⚠ KEV | 2021-06-08
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
- CVE-2021-31208 | HIGH | CVSS 7.8 | EG 7.8 | 2021-05-11
Windows Container Manager Service Elevation of Privilege Vulnerability
- CVE-2021-3134 | HIGH | CVSS 7.8 | EG 7.8 | 2021-01-12
Mubu 2.2.1 allows local users to gain privileges to execute commands, aka CNVD-2020-68878.
- CVE-2021-31350 | HIGH | CVSS 7.5 | EG 7.5 | 2021-10-19
An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perfo…
- CVE-2021-31359 | HIGH | CVSS 7.8 | EG 7.8 | 2021-10-19
A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to cause the Juniper DHCP daemon (jdhcpd) process to crash, resulting in a Denial of Service (DoS), or execute…
- CVE-2021-31360 | HIGH | CVSS 7.1 | EG 7.1 | 2021-10-19
An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved command-line interpreter (CLI) allows a low-privileged user to overwrite local files as root, possibly leading to a system integrity issue…
- CVE-2021-31523 | HIGH | CVSS 7.8 | EG 7.8 | 2021-04-21
The Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has cap_net_raw enabled for the /usr/libexec/xscreensaver/sonar file, which allows local users to gain privileges because this is arguably incompatible with the design of the Me…
- CVE-2021-31532 | MEDIUM | CVSS 6.8 | EG 6.8 | 2021-05-06
NXP LPC55S6x microcontrollers (0A and 1B), i.MX RT500 (silicon rev B1 and B2), i.MX RT600 (silicon rev A0, B0), LPC55S6x, LPC55S2x, LPC552x (silicon rev 0A, 1B), LPC55S1x, LPC551x (silicon rev 0A) and LPC55S0x, LPC550x (silicon rev 0A) inc…
- CVE-2021-31581 | HIGH | CVSS 7.9 | EG 7.9 | 2021-07-22
The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was re…
- CVE-2021-31585 | MEDIUM | CVSS 6.7 | EG 6.7 | 2021-06-23
Accellion Kiteworks before 7.3.1 allows a user with Admin privileges to escalate their privileges by generating SSH passwords that allow local access.
- CVE-2021-3162 | HIGH | CVSS 7.8 | EG 7.8 | 2021-01-15
Docker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to local privilege escalation.
- CVE-2021-31833 | HIGH | CVSS 7.1 | EG 7.8 | 2022-01-04
Potential product security bypass vulnerability in McAfee Application and Change Control (MACC) prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting…
- CVE-2021-31836 | MEDIUM | CVSS 5.6 | EG 7.1 | 2021-09-22
Improper privilege management vulnerability in maconfig for McAfee Agent for Windows prior to 5.7.4 allows a local user to gain access to sensitive information. The utility was able to be run from any location on the file system and by a l…
- CVE-2021-31839 | MEDIUM | CVSS 4.8 | EG 3.3 | 2021-06-10
Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a local user to modify event information in the MA event folder. This allows a local user to either add false events or remove events from the ev…
- CVE-2021-31843 | HIGH | CVSS 7.3 | EG 7.8 | 2021-09-17
Improper privilege management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links t…
- CVE-2021-31847 | HIGH | CVSS 8.2 | EG 7.8 | 2021-09-22
Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and t…
- CVE-2021-31859 | HIGH | CVSS 7.8 | EG 7.8 | 2021-07-14
Incorrect privileges in the MU55 FlexiSpooler service in YSoft SafeQ 6 6.0.55 allows local user privilege escalation by overwriting the executable file via an alternative data stream.
- CVE-2021-31928 | HIGH | CVSS 8.8 | EG 8.8 | 2021-06-10
Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to escalate privileges to superadministrator. It was fixed in v2021.1.0.2.
- CVE-2021-31937 | HIGH | CVSS 8.2 | EG 8.2 | 2023-06-28
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- CVE-2021-31938 | HIGH | CVSS 7.3 | EG 7.8 | 2021-06-08
Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vulnerability
- CVE-2021-31951 | HIGH | CVSS 7.8 | EG 7.8 | 2021-06-08
Windows Kernel Elevation of Privilege Vulnerability
- CVE-2021-31952 | HIGH | CVSS 7.8 | EG 7.8 | 2021-06-08
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
- CVE-2021-31953 | HIGH | CVSS 7.8 | EG 7.8 | 2021-06-08
Windows Filter Manager Elevation of Privilege Vulnerability
- CVE-2021-31954 | HIGH | CVSS 7.8 | EG 7.8 | 2021-06-08
Windows Common Log File System Driver Elevation of Privilege Vulnerability