Common Weakness Enumeration

CWE-269

Discouraged

Improper Privilege Management

Abstraction: Class · Status: Draft

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

5455 vulnerabilities reference this CWE, most recent first.

CVE-2024-23537 (GCVE-0-2024-23537)

Vulnerability from cvelistv5 – Published: 2024-03-29 14:38 – Updated: 2025-02-13 17:39
VLAI
Title
Apache Fineract: Under certain circumstances, this vulnerability allowed users, without specific permissions, to escalate their privileges to any role.
Summary
Improper Privilege Management vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5. Users are recommended to upgrade to version 1.9.0, which fixes the issue.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
Impacted products
Vendor Product Version
Apache Software Foundation Apache Fineract Affected: 0 , < 1.9.0 (semver)
Create a notification for this product.
apache fineract Affected: 0 , < 1.9.0 (custom)
    cpe:2.3:a:apache:fineract:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Yash Sancheti
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:fineract:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "fineract",
            "vendor": "apache",
            "versions": [
              {
                "lessThan": "1.9.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-23537",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-08T18:09:05.990965Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-08T20:06:52.390Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:06:25.238Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Report"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/fq1ns4nprw2vqpkwwj9sw45jkwxmt9f1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/29/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Fineract",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "1.9.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Yash Sancheti"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Privilege Management vulnerability in Apache Fineract.\u003cp\u003eThis issue affects Apache Fineract: \u0026lt;1.8.5.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.9.0, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Improper Privilege Management vulnerability in Apache Fineract.This issue affects Apache Fineract: \u003c1.8.5.\n\nUsers are recommended to upgrade to version 1.9.0, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "important"
            },
            "type": "Textual description of severity"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-01T18:06:44.197Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Report"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/fq1ns4nprw2vqpkwwj9sw45jkwxmt9f1"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/03/29/1"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Fineract: Under certain circumstances, this vulnerability allowed users, without specific permissions, to escalate their privileges to any role.",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-23537",
    "datePublished": "2024-03-29T14:38:05.738Z",
    "dateReserved": "2024-01-18T04:59:16.245Z",
    "dateUpdated": "2025-02-13T17:39:45.238Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-23457 (GCVE-0-2024-23457)

Vulnerability from cvelistv5 – Published: 2024-05-01 16:26 – Updated: 2024-08-01 23:06
VLAI
Title
Anti-tampering can be disabled with uninstall password enforced
Summary
The anti-tampering functionality of the Zscaler Client Connector can be disabled under certain conditions when an uninstall password is enforced. This affects Zscaler Client Connector on Windows prior to 4.2.0.209
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
Impacted products
Vendor Product Version
Zscaler Client Connector Affected: 0 , < 4.2.0.209 (custom)
Create a notification for this product.
zscaler client_connector Affected: 0 , < 4.2.0.209 (custom)
    cpe:2.3:a:zscaler:client_connector:-:*:*:*:*:windows:*:*
Create a notification for this product.
Credits
Westpac Red Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:zscaler:client_connector:-:*:*:*:*:windows:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "client_connector",
            "vendor": "zscaler",
            "versions": [
              {
                "lessThan": "4.2.0.209",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-23457",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-14T18:58:10.245315Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-14T18:59:34.369Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:06:24.279Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "Client Connector",
          "vendor": "Zscaler",
          "versions": [
            {
              "lessThan": "4.2.0.209",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Westpac Red Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The anti-tampering functionality of the Zscaler Client Connector can be disabled under certain conditions when an uninstall password is enforced. This affects Zscaler Client Connector on Windows prior to 4.2.0.209\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "The anti-tampering functionality of the Zscaler Client Connector can be disabled under certain conditions when an uninstall password is enforced. This affects Zscaler Client Connector on Windows prior to 4.2.0.209\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-554",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-554 Functionality Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-01T16:26:11.546Z",
        "orgId": "73c6f63b-efac-410d-a0a9-569700f85a04",
        "shortName": "Zscaler"
      },
      "references": [
        {
          "url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Anti-tampering can be disabled with uninstall password enforced",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "73c6f63b-efac-410d-a0a9-569700f85a04",
    "assignerShortName": "Zscaler",
    "cveId": "CVE-2024-23457",
    "datePublished": "2024-05-01T16:26:11.546Z",
    "dateReserved": "2024-01-17T15:15:47.221Z",
    "dateUpdated": "2024-08-01T23:06:24.279Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-22278 (GCVE-0-2024-22278)

Vulnerability from cvelistv5 – Published: 2024-08-02 00:59 – Updated: 2024-08-14 21:35
VLAI
Title
Harbor fails to validate the user permissions when updating project configurations
Summary
Incorrect user permission validation in Harbor <v2.9.5 and Harbor <v2.10.3 allows authenticated users to modify configurations.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
Impacted products
Vendor Product Version
harbor harbor Affected: 2.9.4 , < <v2.9.5 (custom)
Affected: 2.10.2 , < <v2.10.3 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22278",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-02T16:14:46.125656Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:15:02.950Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "harbor",
          "vendor": "harbor",
          "versions": [
            {
              "lessThan": "\u003cv2.9.5",
              "status": "affected",
              "version": "2.9.4",
              "versionType": "custom"
            },
            {
              "lessThan": "\u003cv2.10.3",
              "status": "affected",
              "version": "2.10.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Incorrect user permission validation in Harbor \u0026lt;v2.9.5 and Harbor \u0026lt;v2.10.3 allows authenticated users to modify configurations."
            }
          ],
          "value": "Incorrect user permission validation in Harbor \u003cv2.9.5 and Harbor \u003cv2.10.3 allows authenticated users to modify configurations."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-176",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-176 Configuration/Environment Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-14T21:35:37.751Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://github.com/goharbor/harbor/security/advisories/GHSA-hw28-333w-qxp3"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Harbor fails to validate the user permissions when updating project configurations",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2024-22278",
    "datePublished": "2024-08-02T00:59:55.313Z",
    "dateReserved": "2024-01-08T18:43:18.959Z",
    "dateUpdated": "2024-08-14T21:35:37.751Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-22157 (GCVE-0-2024-22157)

Vulnerability from cvelistv5 – Published: 2024-05-17 08:47 – Updated: 2026-04-28 16:09
VLAI
Title
WordPress SalesKing plugin <= 1.6.15 - Unauthenticated Privilege Escalation vulnerability
Summary
Improper Privilege Management vulnerability in WebWizards SalesKing allows Privilege Escalation.This issue affects SalesKing: from n/a through 1.6.15.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
WebWizards SalesKing Affected: n/a , ≤ 1.6.15 (custom)
Create a notification for this product.
Credits
Dave Jong (Patchstack)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22157",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-17T16:45:36.515688Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:52:49.116Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:34.932Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "https://patchstack.com/database/vulnerability/salesking/wordpress-salesking-plugin-1-6-15-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SalesKing",
          "vendor": "WebWizards",
          "versions": [
            {
              "changes": [
                {
                  "at": "1.6.30",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "1.6.15",
              "status": "affected",
              "version": "n/a",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Dave Jong (Patchstack)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Privilege Management vulnerability in WebWizards SalesKing allows Privilege Escalation.\u003cp\u003eThis issue affects SalesKing: from n/a through 1.6.15.\u003c/p\u003e"
            }
          ],
          "value": "Improper Privilege Management vulnerability in WebWizards SalesKing allows Privilege Escalation.This issue affects SalesKing: from n/a through 1.6.15."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-28T16:09:09.028Z",
        "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "shortName": "Patchstack"
      },
      "references": [
        {
          "tags": [
            "vdb-entry"
          ],
          "url": "https://patchstack.com/database/vulnerability/salesking/wordpress-salesking-plugin-1-6-15-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update to 1.6.30 or a higher version."
            }
          ],
          "value": "Update to 1.6.30 or a higher version."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "WordPress SalesKing plugin \u003c= 1.6.15 - Unauthenticated  Privilege Escalation vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
    "assignerShortName": "Patchstack",
    "cveId": "CVE-2024-22157",
    "datePublished": "2024-05-17T08:47:16.592Z",
    "dateReserved": "2024-01-05T11:18:51.829Z",
    "dateUpdated": "2026-04-28T16:09:09.028Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-22069 (GCVE-0-2024-22069)

Vulnerability from cvelistv5 – Published: 2024-08-08 07:54 – Updated: 2024-08-08 13:07
VLAI
Title
Permission and Access Control Vulnerability in ZXV10 XT802/ET301
Summary
There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
zte
Impacted products
Vendor Product Version
ZTE ZXV10 XT802 Affected: All versions up to V2.24.10P1 , < V2.24.10P1 (custom)
Create a notification for this product.
ZTE ZXV10 ET301 Affected: All versions up to V3.22.11P3 , < V3.22.11P3 (custom)
Create a notification for this product.
zte zxv10_et301_firmware Affected: 0 , < v3.22.11p3 (custom)
    cpe:2.3:o:zte:zxv10_et301_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
zte zxv10_xt802_firmware Affected: 0 , < v2.24.10p1 (custom)
    cpe:2.3:o:zte:zxv10_xt802_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:zte:zxv10_et301_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "zxv10_et301_firmware",
            "vendor": "zte",
            "versions": [
              {
                "lessThan": "v3.22.11p3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zte:zxv10_xt802_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "zxv10_xt802_firmware",
            "vendor": "zte",
            "versions": [
              {
                "lessThan": "v2.24.10p1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22069",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-08T13:02:00.504571Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-08T13:07:14.051Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "ZXV10 XT802",
          "vendor": "ZTE",
          "versions": [
            {
              "lessThan": "V2.24.10P1",
              "status": "affected",
              "version": "All versions up to V2.24.10P1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "ZXV10 ET301",
          "vendor": "ZTE",
          "versions": [
            {
              "lessThan": "V3.22.11P3",
              "status": "affected",
              "version": "All versions up to V3.22.11P3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "There is a permission and access control vulnerability of ZTE\u0027s ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords.\u003cbr\u003e"
            }
          ],
          "value": "There is a permission and access control vulnerability of ZTE\u0027s ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-115",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-115 Authentication Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-08T07:54:50.319Z",
        "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "shortName": "zte"
      },
      "references": [
        {
          "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1036424"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "ZXV10 XT802:V2.24.10P1   \u003cbr\u003eZXV10 ET301:V3.22.11P3"
            }
          ],
          "value": "ZXV10 XT802:V2.24.10P1   \nZXV10 ET301:V3.22.11P3"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Permission and Access Control Vulnerability in ZXV10 XT802/ET301",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
    "assignerShortName": "zte",
    "cveId": "CVE-2024-22069",
    "datePublished": "2024-08-08T07:54:50.319Z",
    "dateReserved": "2024-01-05T01:51:09.681Z",
    "dateUpdated": "2024-08-08T13:07:14.051Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-22068 (GCVE-0-2024-22068)

Vulnerability from cvelistv5 – Published: 2024-10-10 08:51 – Updated: 2024-10-10 13:38
VLAI
Title
Weak Password Vulnerability in ZTE ZSR V2 Intelligent Multi Service Router
Summary
Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series: V4.00.10 and earlier.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
zte
Impacted products
Vendor Product Version
ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series Affected: V4.00.10 and earlier (custom)
Create a notification for this product.
zte zxr10_3800-8_firmware Affected: 0 , ≤ v4.00.10 (custom)
    cpe:2.3:o:zte:zxr10_160_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:zte:zxr10_1800-2s_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:zte:zxr10_2800-4_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:zte:zxr10_3800-8_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:zte:zxr10_160_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:zte:zxr10_1800-2s_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:zte:zxr10_2800-4_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:zte:zxr10_3800-8_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "zxr10_3800-8_firmware",
            "vendor": "zte",
            "versions": [
              {
                "lessThanOrEqual": "v4.00.10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22068",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-10T13:29:12.877833Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-10T13:38:50.810Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit"
          ],
          "product": "ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series",
          "vendor": "ZTE",
          "versions": [
            {
              "status": "affected",
              "version": "V4.00.10 and earlier",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.\u003cp\u003eThis issue affects ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series: V4.00.10 and earlier.\u003c/p\u003e"
            }
          ],
          "value": "Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series: V4.00.10 and earlier."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-554",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-554 Functionality Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-10T08:51:35.299Z",
        "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "shortName": "zte"
      },
      "references": [
        {
          "url": "https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/5359853646778130472"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Weak Password Vulnerability in ZTE ZSR V2 Intelligent Multi Service Router",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
    "assignerShortName": "zte",
    "cveId": "CVE-2024-22068",
    "datePublished": "2024-10-10T08:51:35.299Z",
    "dateReserved": "2024-01-05T01:51:09.681Z",
    "dateUpdated": "2024-10-10T13:38:50.810Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-22036 (GCVE-0-2024-22036)

Vulnerability from cvelistv5 – Published: 2025-04-16 08:37 – Updated: 2026-02-26 18:28
VLAI
Title
Rancher Remote Code Execution via Cluster/Node Drivers
Summary
A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher container itself. For the test and development environments, based on a –privileged Docker container, it is possible to escape the Docker container and gain execution access on the host system. This issue affects rancher: from 2.7.0 before 2.7.16, from 2.8.0 before 2.8.9, from 2.9.0 before 2.9.3.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
Impacted products
Vendor Product Version
SUSE rancher Affected: 2.7.0 , < 2.7.16 (semver)
Affected: 2.8.0 , < 2.8.9 (semver)
Affected: 2.9.0 , < 2.9.3 (semver)
Create a notification for this product.
Date Public
2024-10-25 17:37
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22036",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-18T03:55:41.999711Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T18:28:14.414Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "github.com/rancher/rancher",
          "product": "rancher",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.7.16",
              "status": "affected",
              "version": "2.7.0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.8.9",
              "status": "affected",
              "version": "2.8.0",
              "versionType": "semver"
            },
            {
              "lessThan": "2.9.3",
              "status": "affected",
              "version": "2.9.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2024-10-25T17:37:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eA vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the \u003ccode\u003echroot\u003c/code\u003e\n jail and gain root access to the Rancher container itself. In \nproduction environments, further privilege escalation is possible based \non living off the land within the Rancher container itself. For the test\n and development environments, based on a \u2013privileged Docker container, \nit is possible to escape the Docker container and gain execution access \non the host system.\u003cbr\u003e\u003c/div\u003e\u003cp\u003eThis issue affects rancher: from 2.7.0 before 2.7.16, from 2.8.0 before 2.8.9, from 2.9.0 before 2.9.3.\u003c/p\u003e"
            }
          ],
          "value": "A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot\n jail and gain root access to the Rancher container itself. In \nproduction environments, further privilege escalation is possible based \non living off the land within the Rancher container itself. For the test\n and development environments, based on a \u2013privileged Docker container, \nit is possible to escape the Docker container and gain execution access \non the host system.\n\n\nThis issue affects rancher: from 2.7.0 before 2.7.16, from 2.8.0 before 2.8.9, from 2.9.0 before 2.9.3."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269: Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-16T08:37:54.218Z",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22036"
        },
        {
          "url": "https://github.com/rancher/rancher/security/advisories/GHSA-h99m-6755-rgwc"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Rancher Remote Code Execution via Cluster/Node Drivers",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2024-22036",
    "datePublished": "2025-04-16T08:37:54.218Z",
    "dateReserved": "2024-01-04T12:38:34.025Z",
    "dateUpdated": "2026-02-26T18:28:14.414Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-21989 (GCVE-0-2024-21989)

Vulnerability from cvelistv5 – Published: 2024-04-17 19:32 – Updated: 2024-08-01 22:35
VLAI
Title
Privilege Escalation Vulnerability in ONTAP Select Deploy administration utility
Summary
ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
Impacted products
Vendor Product Version
NetApp ONTAP Select Deploy administration utility Affected: 9.12.1 , ≤ 9.14.1P2 (patch)
Create a notification for this product.
netapp ontap_select_deploy_administration_utility Affected: 9.12.1 , ≤ 9.14.1p2 (custom)
    cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:9.12.1:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:9.12.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "ontap_select_deploy_administration_utility",
            "vendor": "netapp",
            "versions": [
              {
                "lessThanOrEqual": "9.14.1p2",
                "status": "affected",
                "version": "9.12.1",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21989",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-18T20:34:47.966458Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-23T18:50:11.927Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:34.729Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240411-0001/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ONTAP Select Deploy administration utility",
          "vendor": "NetApp",
          "versions": [
            {
              "lessThanOrEqual": "9.14.1P2",
              "status": "affected",
              "version": "9.12.1",
              "versionType": "patch"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "ONTAP Select Deploy administration utility versions 9.12.1.x, \n9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when \nsuccessfully exploited could allow a read-only user to escalate their \nprivileges.\n\n"
            }
          ],
          "value": "ONTAP Select Deploy administration utility versions 9.12.1.x, \n9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when \nsuccessfully exploited could allow a read-only user to escalate their \nprivileges.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-17T19:32:34.598Z",
        "orgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
        "shortName": "netapp"
      },
      "references": [
        {
          "url": "https://security.netapp.com/advisory/ntap-20240411-0001/"
        }
      ],
      "source": {
        "advisory": "NTAP-20240411-0001",
        "discovery": "UNKNOWN"
      },
      "title": "Privilege Escalation Vulnerability in ONTAP Select Deploy administration utility",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
    "assignerShortName": "netapp",
    "cveId": "CVE-2024-21989",
    "datePublished": "2024-04-17T19:32:34.598Z",
    "dateReserved": "2024-01-03T19:45:25.346Z",
    "dateUpdated": "2024-08-01T22:35:34.729Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-21985 (GCVE-0-2024-21985)

Vulnerability from cvelistv5 – Published: 2024-01-26 16:01 – Updated: 2025-05-29 15:12
VLAI
Title
Privilege Escalation Vulnerability in ONTAP 9
Summary
ONTAP 9 versions prior to 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 and 9.13.1P4 are susceptible to a vulnerability which could allow an authenticated user with multiple remote accounts with differing roles to perform actions via REST API beyond their intended privilege. Possible actions include viewing limited configuration details and metrics or modifying limited settings, some of which could result in a Denial of Service (DoS).
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
Impacted products
Vendor Product Version
NetApp ONTAP 9 Affected: 9.0 , < 9.9.1P18 (patch)
Affected: 9.10.1 , < 9.10.1P16 (patch)
Affected: 9.11.1 , < 9.11.1P13 (patch)
Affected: 9.12.1 , < 9.12.1P10 (patch)
Affected: 9.13.1 , < 9.13.1P4 (patch)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:34.813Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240126-0001/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21985",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-08T19:09:09.334429Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-29T15:12:35.934Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ONTAP 9",
          "vendor": "NetApp",
          "versions": [
            {
              "lessThan": "9.9.1P18",
              "status": "affected",
              "version": "9.0",
              "versionType": "patch"
            },
            {
              "lessThan": "9.10.1P16",
              "status": "affected",
              "version": "9.10.1",
              "versionType": "patch"
            },
            {
              "lessThan": "9.11.1P13",
              "status": "affected",
              "version": "9.11.1",
              "versionType": "patch"
            },
            {
              "lessThan": "9.12.1P10",
              "status": "affected",
              "version": "9.12.1",
              "versionType": "patch"
            },
            {
              "lessThan": "9.13.1P4",
              "status": "affected",
              "version": "9.13.1",
              "versionType": "patch"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\u003cp\u003eONTAP 9 versions prior to 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 \nand 9.13.1P4 are susceptible to a vulnerability which could allow an \nauthenticated user with multiple remote accounts with differing roles to\n perform actions via REST API beyond their intended privilege. Possible \nactions include viewing limited configuration details and metrics or \nmodifying limited settings, some of which could result in a Denial of \nService (DoS).\u003c/p\u003e\n\n"
            }
          ],
          "value": "ONTAP 9 versions prior to 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 \nand 9.13.1P4 are susceptible to a vulnerability which could allow an \nauthenticated user with multiple remote accounts with differing roles to\n perform actions via REST API beyond their intended privilege. Possible \nactions include viewing limited configuration details and metrics or \nmodifying limited settings, some of which could result in a Denial of \nService (DoS).\n\n\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-26T16:01:48.168Z",
        "orgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
        "shortName": "netapp"
      },
      "references": [
        {
          "url": "https://security.netapp.com/advisory/ntap-20240126-0001/"
        }
      ],
      "source": {
        "advisory": "NTAP-20240126-0001",
        "discovery": "UNKNOWN"
      },
      "title": "Privilege Escalation Vulnerability in ONTAP 9 ",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
    "assignerShortName": "netapp",
    "cveId": "CVE-2024-21985",
    "datePublished": "2024-01-26T16:01:48.168Z",
    "dateReserved": "2024-01-03T19:45:25.346Z",
    "dateUpdated": "2025-05-29T15:12:35.934Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-21966 (GCVE-0-2024-21966)

Vulnerability from cvelistv5 – Published: 2025-02-11 19:56 – Updated: 2025-02-11 20:56
VLAI
Summary
A DLL hijacking vulnerability in the AMD Ryzen™ Master Utility could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
AMD
Impacted products
Date Public
2025-02-11 17:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21966",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-11T20:56:19.054668Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-11T20:56:30.357Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "AMD Ryzen\u2122  Master Utility",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "2.14.0.3205"
            }
          ]
        }
      ],
      "datePublic": "2025-02-11T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A DLL hijacking vulnerability in the AMD Ryzen\u2122  Master Utility could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.\u003cbr\u003e"
            }
          ],
          "value": "A DLL hijacking vulnerability in the AMD Ryzen\u2122  Master Utility could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-11T19:56:25.414Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-9010.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-21966",
    "datePublished": "2025-02-11T19:56:25.414Z",
    "dateReserved": "2024-01-03T16:43:28.698Z",
    "dateUpdated": "2025-02-11T20:56:30.357Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-48
Architecture and Design

Strategy: Separation of Privilege

Follow the principle of least privilege when assigning access rights to entities in a software system.

Mitigation MIT-49
Architecture and Design

Strategy: Separation of Privilege

Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.

CAPEC-122: Privilege Abuse

An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.

CAPEC-233: Privilege Escalation

An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.

CAPEC-58: Restful Privilege Elevation

An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.