Common Weakness Enumeration

CWE-266

Allowed

Incorrect Privilege Assignment

Abstraction: Base · Status: Draft

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

1913 vulnerabilities reference this CWE, most recent first.

GHSA-CQJH-9WGG-Q2V6

Vulnerability from github – Published: 2024-12-31 18:30 – Updated: 2024-12-31 18:30
VLAI
Details

A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52049.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-52048"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-31T16:15:26Z",
    "severity": "HIGH"
  },
  "details": "A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52049.\n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
  "id": "GHSA-cqjh-9wgg-q2v6",
  "modified": "2024-12-31T18:30:51Z",
  "published": "2024-12-31T18:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52048"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0018217"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CRP9-8XR4-FG7P

Vulnerability from github – Published: 2025-05-19 21:30 – Updated: 2026-04-28 21:35
VLAI
Details

Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-39366"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-19T20:15:24Z",
    "severity": "HIGH"
  },
  "details": "Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0.",
  "id": "GHSA-crp9-8xr4-fg7p",
  "modified": "2026-04-28T21:35:38Z",
  "published": "2025-05-19T21:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39366"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/theme/wproject/vulnerability/wordpress-wproject-theme-5-8-0-subscriber-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CRX9-Q52P-MH39

Vulnerability from github – Published: 2025-07-10 00:31 – Updated: 2025-07-30 18:31
VLAI
Details

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS and Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.

The GlobalProtect app on Windows, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-0140"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-09T23:15:24Z",
    "severity": "MODERATE"
  },
  "details": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on macOS and Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.\n\nThe GlobalProtect app on Windows, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.",
  "id": "GHSA-crx9-q52p-mh39",
  "modified": "2025-07-30T18:31:31Z",
  "published": "2025-07-10T00:31:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0140"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0140"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-CV9F-R9M5-V3WW

Vulnerability from github – Published: 2026-05-29 18:31 – Updated: 2026-05-29 18:31
VLAI
Details

A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor deleted the GitHub issue for this vulnerability without any explanation. Afterwards the vendor was contacted early about this disclosure via email but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-10070"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-29T18:16:30Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor deleted the GitHub issue for this vulnerability without any explanation. Afterwards the vendor was contacted early about this disclosure via email but did not respond in any way.",
  "id": "GHSA-cv9f-r9m5-v3ww",
  "modified": "2026-05-29T18:31:34Z",
  "published": "2026-05-29T18:31:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10070"
    },
    {
      "type": "WEB",
      "url": "https://github.com/macrozheng/mall/issues/970"
    },
    {
      "type": "WEB",
      "url": "https://github.com/macrozheng/mall"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/818384"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/367156"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/367156/cti"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-CV9J-VCQ6-7GCP

Vulnerability from github – Published: 2025-03-31 12:30 – Updated: 2025-03-31 12:30
VLAI
Details

A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14(408). Affected is an unknown function of the file /goform/AdvSetWrlmacfilter of the component Web Management Interface. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-2991"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-31T11:15:39Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14(408). Affected is an unknown function of the file /goform/AdvSetWrlmacfilter of the component Web Management Interface. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-cv9j-vcq6-7gcp",
  "modified": "2025-03-31T12:30:45Z",
  "published": "2025-03-31T12:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2991"
    },
    {
      "type": "WEB",
      "url": "https://lavender-bicycle-a5a.notion.site/Tenda-FH1202-AdvSetWrlmacfilter-1bc53a41781f807d97f3d01957f442a0?pvs=4"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.302040"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.302040"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.523412"
    },
    {
      "type": "WEB",
      "url": "https://www.tenda.com.cn"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-CVWW-PX7G-8933

Vulnerability from github – Published: 2026-07-05 09:30 – Updated: 2026-07-05 09:30
VLAI
Details

A flaw has been found in SourceCodester Onlne Examination & Learning Management System 1.0. The impacted element is an unknown function of the file register.php of the component Registration Endpoint. Executing a manipulation of the argument role can lead to improper privilege management. The attack can be executed remotely. The exploit has been published and may be used. The name of the affected product appears to have a typo in it.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-14719"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-05T08:16:25Z",
    "severity": "MODERATE"
  },
  "details": "A flaw has been found in SourceCodester Onlne Examination \u0026 Learning Management System 1.0. The impacted element is an unknown function of the file register.php of the component Registration Endpoint. Executing a manipulation of the argument role can lead to improper privilege management. The attack can be executed remotely. The exploit has been published and may be used. The name of the affected product appears to have a typo in it.",
  "id": "GHSA-cvww-px7g-8933",
  "modified": "2026-07-05T09:30:23Z",
  "published": "2026-07-05T09:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-14719"
    },
    {
      "type": "WEB",
      "url": "https://pastebin.com/Z4i5MGxk"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/cve/CVE-2026-14719"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/847515"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/376307"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/376307/cti"
    },
    {
      "type": "WEB",
      "url": "https://www.sourcecodester.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-CW4G-6V74-6MHC

Vulnerability from github – Published: 2026-03-05 06:30 – Updated: 2026-03-09 15:30
VLAI
Details

Incorrect Privilege Assignment vulnerability in ameliabooking Amelia ameliabooking allows Privilege Escalation.This issue affects Amelia: from n/a through <= 1.2.38.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-24963"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-05T06:16:23Z",
    "severity": "HIGH"
  },
  "details": "Incorrect Privilege Assignment vulnerability in ameliabooking Amelia ameliabooking allows Privilege Escalation.This issue affects Amelia: from n/a through \u003c= 1.2.38.",
  "id": "GHSA-cw4g-6v74-6mhc",
  "modified": "2026-03-09T15:30:32Z",
  "published": "2026-03-05T06:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24963"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Plugin/ameliabooking/vulnerability/wordpress-amelia-plugin-1-2-38-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CWP3-3MXC-V33W

Vulnerability from github – Published: 2025-01-28 21:31 – Updated: 2025-01-28 21:31
VLAI
Details

A vulnerability, which was classified as problematic, was found in pankajindevops scale up to 20241113. This affects an unknown part of the component API Endpoint. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-0783"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-28T19:15:14Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability, which was classified as problematic, was found in pankajindevops scale up to 20241113. This affects an unknown part of the component API Endpoint. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.",
  "id": "GHSA-cwp3-3mxc-v33w",
  "modified": "2025-01-28T21:31:03Z",
  "published": "2025-01-28T21:31:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0783"
    },
    {
      "type": "WEB",
      "url": "https://docs.google.com/document/d/1FCJveTlXtJd8EJRW2-LXwuhno92JaVt3_98Iqrdoc6M/edit?tab=t.0#heading=h.bbpri264qnth"
    },
    {
      "type": "WEB",
      "url": "https://drive.google.com/file/d/1KqzS5bMyPtgO9eIk_-que50tZU097RVi/view"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.293907"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.293907"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.480350"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-CXFP-7PVR-95FF

Vulnerability from github – Published: 2025-05-21 18:01 – Updated: 2025-05-28 19:45
VLAI
Summary
containerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods.
Details

Impact

A bug was found in the containerd's CRI implementation where containerd doesn't put usernamespaced containers under the Kubernetes' cgroup hierarchy, therefore some Kubernetes limits are not honored. This may cause a denial of service of the Kubernetes node.

Patches

This bug has been fixed in containerd 2.0.5+ and 2.1.0+. Users should update to these versions to resolve the issue.

Workarounds

Disable usernamespaced pods in Kubernetes temporarily.

Credits

The containerd project would like to thank Rodrigo Campos Catelin and Piotr Rogowski for responsibly disclosing this issue in accordance with the containerd security policy.

For more information

If you have any questions or comments about this advisory:

  • Open an issue in containerd
  • Email us at security@containerd.io

To report a security issue in containerd: * Report a new vulnerability * Email us at security@containerd.io

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.0.4"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containerd/containerd/v2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.1"
            },
            {
              "fixed": "2.0.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-47291"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-05-21T18:01:48Z",
    "nvd_published_at": "2025-05-21T18:15:52Z",
    "severity": "MODERATE"
  },
  "details": "# Impact\n\nA bug was found in the containerd\u0027s CRI implementation where containerd doesn\u0027t put usernamespaced containers under the Kubernetes\u0027 cgroup hierarchy, therefore some Kubernetes limits are not honored. This may cause a denial of service of the Kubernetes node.\n\n# Patches\n\nThis bug has been fixed in containerd 2.0.5+ and 2.1.0+. Users should update to these versions to resolve the issue.\n\n# Workarounds\n\nDisable usernamespaced pods in Kubernetes temporarily.\n\n# Credits\n\nThe containerd project would like to thank Rodrigo Campos Catelin and Piotr Rogowski for responsibly disclosing this issue in accordance with the [containerd security policy](https://github.com/containerd/project/blob/main/SECURITY.md).\n\n#  For more information\nIf you have any questions or comments about this advisory:\n\n* Open an issue in [containerd](https://github.com/containerd/containerd/issues/new/choose)\n* Email us at security@containerd.io\n\nTo report a security issue in containerd:\n* [Report a new vulnerability](https://github.com/containerd/containerd/security/advisories/new)\n* Email us at [security@containerd.io](mailto:security@containerd.io)",
  "id": "GHSA-cxfp-7pvr-95ff",
  "modified": "2025-05-28T19:45:21Z",
  "published": "2025-05-21T18:01:48Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/security/advisories/GHSA-cxfp-7pvr-95ff"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47291"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/containerd/containerd"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2025-3701"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
      "type": "CVSS_V4"
    }
  ],
  "summary": "containerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods."
}

GHSA-CXHM-M7WH-3QMW

Vulnerability from github – Published: 2024-12-31 15:30 – Updated: 2026-04-01 18:32
VLAI
Details

Incorrect Privilege Assignment vulnerability in AI Magic allows Privilege Escalation.This issue affects AI Magic: from n/a through 1.0.4.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-56205"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-31T13:15:08Z",
    "severity": "CRITICAL"
  },
  "details": "Incorrect Privilege Assignment vulnerability in AI Magic allows Privilege Escalation.This issue affects AI Magic: from n/a through 1.0.4.",
  "id": "GHSA-cxhm-m7wh-3qmw",
  "modified": "2026-04-01T18:32:54Z",
  "published": "2024-12-31T15:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56205"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/newsletter-page-redirects/vulnerability/wordpress-ai-magic-seo-content-generator-article-writer-plugin-1-0-4-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

No CAPEC attack patterns related to this CWE.