CWE-269
Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
CVE-2021-43858 (GCVE-0-2021-43858)
Vulnerability from cvelistv5 – Published: 2021-12-27 21:20 – Updated: 2024-08-04 04:10
VLAI
Title
User privilege escalation in MinIO
Summary
MinIO is a Kubernetes native application for cloud storage. Prior to version `RELEASE.2021-12-27T07-23-18Z`, a malicious client can hand-craft an HTTP API call that allows for updating policy for a user and gaining higher privileges. The patch in version `RELEASE.2021-12-27T07-23-18Z` changes the accepted request body type and removes the ability to apply policy changes through this API. There is a workaround for this vulnerability: Changing passwords can be disabled by adding an explicit `Deny` rule to disable the API for users.
Severity
8.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/minio/minio/security/advisorie… | x_refsource_CONFIRM |
| https://github.com/minio/minio/pull/13976 | x_refsource_MISC |
| https://github.com/minio/minio/pull/7949 | x_refsource_MISC |
| https://github.com/minio/minio/commit/5a96cbbeaab… | x_refsource_MISC |
| https://github.com/minio/minio/releases/tag/RELEA… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:10:17.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/minio/minio/security/advisories/GHSA-j6jc-jqqc-p6cx"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/minio/minio/pull/13976"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/minio/minio/pull/7949"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/minio/minio/commit/5a96cbbeaabd0a82b0fe881378e7c21c85091abf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/minio/minio/releases/tag/RELEASE.2021-12-27T07-23-18Z"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "minio",
"vendor": "minio",
"versions": [
{
"status": "affected",
"version": "\u003c RELEASE.2021-12-27T07-23-18Z"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MinIO is a Kubernetes native application for cloud storage. Prior to version `RELEASE.2021-12-27T07-23-18Z`, a malicious client can hand-craft an HTTP API call that allows for updating policy for a user and gaining higher privileges. The patch in version `RELEASE.2021-12-27T07-23-18Z` changes the accepted request body type and removes the ability to apply policy changes through this API. There is a workaround for this vulnerability: Changing passwords can be disabled by adding an explicit `Deny` rule to disable the API for users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T21:20:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/minio/minio/security/advisories/GHSA-j6jc-jqqc-p6cx"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/minio/minio/pull/13976"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/minio/minio/pull/7949"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/minio/minio/commit/5a96cbbeaabd0a82b0fe881378e7c21c85091abf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/minio/minio/releases/tag/RELEASE.2021-12-27T07-23-18Z"
}
],
"source": {
"advisory": "GHSA-j6jc-jqqc-p6cx",
"discovery": "UNKNOWN"
},
"title": "User privilege escalation in MinIO",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-43858",
"STATE": "PUBLIC",
"TITLE": "User privilege escalation in MinIO"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "minio",
"version": {
"version_data": [
{
"version_value": "\u003c RELEASE.2021-12-27T07-23-18Z"
}
]
}
}
]
},
"vendor_name": "minio"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MinIO is a Kubernetes native application for cloud storage. Prior to version `RELEASE.2021-12-27T07-23-18Z`, a malicious client can hand-craft an HTTP API call that allows for updating policy for a user and gaining higher privileges. The patch in version `RELEASE.2021-12-27T07-23-18Z` changes the accepted request body type and removes the ability to apply policy changes through this API. There is a workaround for this vulnerability: Changing passwords can be disabled by adding an explicit `Deny` rule to disable the API for users."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/minio/minio/security/advisories/GHSA-j6jc-jqqc-p6cx",
"refsource": "CONFIRM",
"url": "https://github.com/minio/minio/security/advisories/GHSA-j6jc-jqqc-p6cx"
},
{
"name": "https://github.com/minio/minio/pull/13976",
"refsource": "MISC",
"url": "https://github.com/minio/minio/pull/13976"
},
{
"name": "https://github.com/minio/minio/pull/7949",
"refsource": "MISC",
"url": "https://github.com/minio/minio/pull/7949"
},
{
"name": "https://github.com/minio/minio/commit/5a96cbbeaabd0a82b0fe881378e7c21c85091abf",
"refsource": "MISC",
"url": "https://github.com/minio/minio/commit/5a96cbbeaabd0a82b0fe881378e7c21c85091abf"
},
{
"name": "https://github.com/minio/minio/releases/tag/RELEASE.2021-12-27T07-23-18Z",
"refsource": "MISC",
"url": "https://github.com/minio/minio/releases/tag/RELEASE.2021-12-27T07-23-18Z"
}
]
},
"source": {
"advisory": "GHSA-j6jc-jqqc-p6cx",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-43858",
"datePublished": "2021-12-27T21:20:11.000Z",
"dateReserved": "2021-11-16T00:00:00.000Z",
"dateUpdated": "2024-08-04T04:10:17.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43860 (GCVE-0-2021-43860)
Vulnerability from cvelistv5 – Published: 2022-01-12 00:00 – Updated: 2024-08-04 04:10
VLAI
Title
Permissions granted to applications can be hidden from the user at install time
Summary
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the case that there's a null byte in the metadata file of an app. Therefore apps can grant themselves permissions without the consent of the user. Flatpak shows permissions to the user during install by reading them from the "xa.metadata" key in the commit metadata. This cannot contain a null terminator, because it is an untrusted GVariant. Flatpak compares these permissions to the *actual* metadata, from the "metadata" file to ensure it wasn't lied to. However, the actual metadata contents are loaded in several places where they are read as simple C-style strings. That means that, if the metadata file includes a null terminator, only the content of the file from *before* the terminator gets compared to xa.metadata. Thus, any permissions that appear in the metadata file after a null terminator are applied at runtime but not shown to the user. So maliciously crafted apps can give themselves hidden permissions. Users who have Flatpaks installed from untrusted sources are at risk in case the Flatpak has a maliciously crafted metadata file, either initially or in an update. This issue is patched in versions 1.12.3 and 1.10.6. As a workaround, users can manually check the permissions of installed apps by checking the metadata file or the xa.metadata key on the commit metadata.
Severity
8.2 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
11 references
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:10:17.171Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/flatpak/flatpak/security/advisories/GHSA-qpjc-vq3c-572j"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/flatpak/flatpak/commit/54ec1a482dfc668127eaae57f135e6a8e0bc52da"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/flatpak/flatpak/commit/65cbfac982cb1c83993a9e19aa424daee8e9f042"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/flatpak/flatpak/commit/93357d357119093804df05acc32ff335839c6451"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/flatpak/flatpak/commit/ba818f504c926baaf6e362be8159cfacf994310e"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/flatpak/flatpak/commit/d9a8f9d8ccc0b7c1135d0ecde006a75d25f66aee"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/flatpak/flatpak/releases/tag/1.10.6"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/flatpak/flatpak/releases/tag/1.12.3"
},
{
"name": "FEDORA-2022-825ca6bf2b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APFTBYGJJVJPFVHRXUW5PII5XOAFI4KH/"
},
{
"name": "DSA-5049",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5049"
},
{
"name": "GLSA-202312-12",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202312-12"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "flatpak",
"vendor": "flatpak",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.11.0, \u003c 1.12.3"
},
{
"status": "affected",
"version": "\u003c 1.10.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn\u0027t properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the case that there\u0027s a null byte in the metadata file of an app. Therefore apps can grant themselves permissions without the consent of the user. Flatpak shows permissions to the user during install by reading them from the \"xa.metadata\" key in the commit metadata. This cannot contain a null terminator, because it is an untrusted GVariant. Flatpak compares these permissions to the *actual* metadata, from the \"metadata\" file to ensure it wasn\u0027t lied to. However, the actual metadata contents are loaded in several places where they are read as simple C-style strings. That means that, if the metadata file includes a null terminator, only the content of the file from *before* the terminator gets compared to xa.metadata. Thus, any permissions that appear in the metadata file after a null terminator are applied at runtime but not shown to the user. So maliciously crafted apps can give themselves hidden permissions. Users who have Flatpaks installed from untrusted sources are at risk in case the Flatpak has a maliciously crafted metadata file, either initially or in an update. This issue is patched in versions 1.12.3 and 1.10.6. As a workaround, users can manually check the permissions of installed apps by checking the metadata file or the xa.metadata key on the commit metadata."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-23T10:06:22.908Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/flatpak/flatpak/security/advisories/GHSA-qpjc-vq3c-572j"
},
{
"url": "https://github.com/flatpak/flatpak/commit/54ec1a482dfc668127eaae57f135e6a8e0bc52da"
},
{
"url": "https://github.com/flatpak/flatpak/commit/65cbfac982cb1c83993a9e19aa424daee8e9f042"
},
{
"url": "https://github.com/flatpak/flatpak/commit/93357d357119093804df05acc32ff335839c6451"
},
{
"url": "https://github.com/flatpak/flatpak/commit/ba818f504c926baaf6e362be8159cfacf994310e"
},
{
"url": "https://github.com/flatpak/flatpak/commit/d9a8f9d8ccc0b7c1135d0ecde006a75d25f66aee"
},
{
"url": "https://github.com/flatpak/flatpak/releases/tag/1.10.6"
},
{
"url": "https://github.com/flatpak/flatpak/releases/tag/1.12.3"
},
{
"name": "FEDORA-2022-825ca6bf2b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APFTBYGJJVJPFVHRXUW5PII5XOAFI4KH/"
},
{
"name": "DSA-5049",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5049"
},
{
"name": "GLSA-202312-12",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202312-12"
}
],
"source": {
"advisory": "GHSA-qpjc-vq3c-572j",
"discovery": "UNKNOWN"
},
"title": "Permissions granted to applications can be hidden from the user at install time"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-43860",
"datePublished": "2022-01-12T00:00:00.000Z",
"dateReserved": "2021-11-16T00:00:00.000Z",
"dateUpdated": "2024-08-04T04:10:17.171Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-45729 (GCVE-0-2021-45729)
Vulnerability from cvelistv5 – Published: 2022-01-25 19:11 – Updated: 2026-04-28 16:07
VLAI
Title
WordPress WP Google Map plugin <= 1.8.0 - Privilege Escalation vulnerability
Summary
The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin (versions <= 1.8.0) allows authenticated low-role users to create, edit, and delete maps.
Severity
5.4 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/gmap-embed/#developers | x_refsource_CONFIRM |
| https://patchstack.com/database/vulnerability/gma… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| WP Google Map | WP Google Map (WordPress plugin) |
Affected:
<= 1.8.0 , ≤ 1.8.0
(custom)
|
Date Public
2021-12-08 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:47:02.106Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wordpress.org/plugins/gmap-embed/#developers"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/gmap-embed/wordpress-wp-google-map-plugin-1-8-0-privilege-escalation-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-45729",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-20T19:33:35.249327Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-20T20:32:28.530Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "WP Google Map (WordPress plugin)",
"vendor": "WP Google Map",
"versions": [
{
"lessThanOrEqual": "1.8.0",
"status": "affected",
"version": "\u003c= 1.8.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Vulnerability discovered by Nguyen Van Khanh (Patchstack Red Team)"
}
],
"datePublic": "2021-12-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin (versions \u003c= 1.8.0) allows authenticated low-role users to create, edit, and delete maps."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:07:37.727Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wordpress.org/plugins/gmap-embed/#developers"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://patchstack.com/database/vulnerability/gmap-embed/wordpress-wp-google-map-plugin-1-8-0-privilege-escalation-vulnerability"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to 1.8.1 or higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress WP Google Map plugin \u003c= 1.8.0 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "audit@patchstack.com",
"DATE_PUBLIC": "2021-12-08T12:44:00.000Z",
"ID": "CVE-2021-45729",
"STATE": "PUBLIC",
"TITLE": "WordPress WP Google Map plugin \u003c= 1.8.0 - Privilege Escalation vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WP Google Map (WordPress plugin)",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "\u003c= 1.8.0",
"version_value": "1.8.0"
}
]
}
}
]
},
"vendor_name": "WP Google Map"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Vulnerability discovered by Nguyen Van Khanh (Patchstack Red Team)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin (versions \u003c= 1.8.0) allows authenticated low-role users to create, edit, and delete maps."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/gmap-embed/#developers",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/gmap-embed/#developers"
},
{
"name": "https://patchstack.com/database/vulnerability/gmap-embed/wordpress-wp-google-map-plugin-1-8-0-privilege-escalation-vulnerability",
"refsource": "CONFIRM",
"url": "https://patchstack.com/database/vulnerability/gmap-embed/wordpress-wp-google-map-plugin-1-8-0-privilege-escalation-vulnerability"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to 1.8.1 or higher version."
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2021-45729",
"datePublished": "2022-01-25T19:11:15.848Z",
"dateReserved": "2022-01-13T00:00:00.000Z",
"dateUpdated": "2026-04-28T16:07:37.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-46894 (GCVE-0-2021-46894)
Vulnerability from cvelistv5 – Published: 2023-07-06 12:23 – Updated: 2024-11-19 18:55
VLAI
Summary
Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege escalation.
Severity
No CVSS data available.
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:17:42.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2023/7/"
},
{
"tags": [
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-46894",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T18:55:00.567068Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T18:55:13.946Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege escalation."
}
],
"value": "Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-06T12:23:59.118Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/7/"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-46894",
"datePublished": "2023-07-06T12:23:59.118Z",
"dateReserved": "2023-06-29T11:27:53.897Z",
"dateUpdated": "2024-11-19T18:55:13.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0144 (GCVE-0-2022-0144)
Vulnerability from cvelistv5 – Published: 2022-01-11 06:45 – Updated: 2024-08-02 23:18
VLAI
Title
Improper Privilege Management in shelljs/shelljs
Summary
shelljs is vulnerable to Improper Privilege Management
Severity
7.1 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://huntr.dev/bounties/50996581-c08e-4eed-a90… | x_refsource_CONFIRM |
| https://github.com/shelljs/shelljs/commit/d919d22… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| shelljs | shelljs/shelljs |
Affected:
unspecified , < 0.8.5
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:41.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/50996581-c08e-4eed-a90e-c0bac082679c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shelljs/shelljs/commit/d919d22dd6de385edaa9d90313075a77f74b338c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "shelljs/shelljs",
"vendor": "shelljs",
"versions": [
{
"lessThan": "0.8.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "shelljs is vulnerable to Improper Privilege Management"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-11T06:45:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/50996581-c08e-4eed-a90e-c0bac082679c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shelljs/shelljs/commit/d919d22dd6de385edaa9d90313075a77f74b338c"
}
],
"source": {
"advisory": "50996581-c08e-4eed-a90e-c0bac082679c",
"discovery": "EXTERNAL"
},
"title": "Improper Privilege Management in shelljs/shelljs",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0144",
"STATE": "PUBLIC",
"TITLE": "Improper Privilege Management in shelljs/shelljs"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "shelljs/shelljs",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "0.8.5"
}
]
}
}
]
},
"vendor_name": "shelljs"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "shelljs is vulnerable to Improper Privilege Management"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/50996581-c08e-4eed-a90e-c0bac082679c",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/50996581-c08e-4eed-a90e-c0bac082679c"
},
{
"name": "https://github.com/shelljs/shelljs/commit/d919d22dd6de385edaa9d90313075a77f74b338c",
"refsource": "MISC",
"url": "https://github.com/shelljs/shelljs/commit/d919d22dd6de385edaa9d90313075a77f74b338c"
}
]
},
"source": {
"advisory": "50996581-c08e-4eed-a90e-c0bac082679c",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0144",
"datePublished": "2022-01-11T06:45:10.000Z",
"dateReserved": "2022-01-07T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:18:41.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0222 (GCVE-0-2022-0222)
Vulnerability from cvelistv5 – Published: 2022-11-22 00:00 – Updated: 2025-04-29 15:24
VLAI
Summary
A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. Affected products: Modicon M340 CPUs(BMXP34* versions prior to V3.40), Modicon M340 X80 Ethernet Communication modules:BMXNOE0100 (H), BMXNOE0110 (H), BMXNOR0200H RTU(BMXNOE* all versions)(BMXNOR* versions prior to v1.7 IR24)
Severity
7.5 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Schneider Electric | Modicon M340 CPUs |
Affected:
BMXP34* , < V3.40
(custom)
|
|
| Schneider Electric | Modicon M340 X80 Ethernet Communication modules: BMXNOE0100 (H) BMXNOE0110 (H) BMXNOR0200H RTU |
Affected:
BMXNOE* All Versions
Affected: BMXNOR* , < v1.7 IR24 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:42.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.se.com/us/en/download/document/SEVD-2022-102-02/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-0222",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-29T15:24:43.607121Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-29T15:24:51.881Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Modicon M340 CPUs",
"vendor": "Schneider Electric",
"versions": [
{
"lessThan": "V3.40",
"status": "affected",
"version": "BMXP34*",
"versionType": "custom"
}
]
},
{
"product": "Modicon M340 X80 Ethernet Communication modules: BMXNOE0100 (H) BMXNOE0110 (H) BMXNOR0200H RTU",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "BMXNOE* All Versions"
},
{
"lessThan": "v1.7 IR24 ",
"status": "affected",
"version": "BMXNOR*",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. Affected products: Modicon M340 CPUs(BMXP34* versions prior to V3.40), Modicon M340 X80 Ethernet Communication modules:BMXNOE0100 (H), BMXNOE0110 (H), BMXNOR0200H RTU(BMXNOE* all versions)(BMXNOR* versions prior to v1.7 IR24)"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-22T00:00:00.000Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://www.se.com/us/en/download/document/SEVD-2022-102-02/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2022-0222",
"datePublished": "2022-11-22T00:00:00.000Z",
"dateReserved": "2022-01-13T00:00:00.000Z",
"dateUpdated": "2025-04-29T15:24:51.881Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0441 (GCVE-0-2022-0441)
Vulnerability from cvelistv5 – Published: 2022-03-07 08:16 – Updated: 2024-08-02 23:25
VLAI
Title
MasterStudy LMS < 2.7.6 - Unauthenticated Admin Account Creation
Summary
The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin
Severity
No CVSS data available.
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/173c2efe-ee9c-45… | x_refsource_MISC |
| https://plugins.trac.wordpress.org/changeset/2667195 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | MasterStudy LMS – WordPress LMS Plugin |
Affected:
2.7.6 , < 2.7.6
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:25:40.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/173c2efe-ee9c-4539-852f-c242b4f728ed"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2667195"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MasterStudy LMS \u2013 WordPress LMS Plugin",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.7.6",
"status": "affected",
"version": "2.7.6",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Numan T\u00fcrle"
}
],
"descriptions": [
{
"lang": "en",
"value": "The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T08:16:43.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/173c2efe-ee9c-4539-852f-c242b4f728ed"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plugins.trac.wordpress.org/changeset/2667195"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "MasterStudy LMS \u003c 2.7.6 - Unauthenticated Admin Account Creation",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-0441",
"STATE": "PUBLIC",
"TITLE": "MasterStudy LMS \u003c 2.7.6 - Unauthenticated Admin Account Creation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MasterStudy LMS \u2013 WordPress LMS Plugin",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.7.6",
"version_value": "2.7.6"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Numan T\u00fcrle"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/173c2efe-ee9c-4539-852f-c242b4f728ed",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/173c2efe-ee9c-4539-852f-c242b4f728ed"
},
{
"name": "https://plugins.trac.wordpress.org/changeset/2667195",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2667195"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-0441",
"datePublished": "2022-03-07T08:16:43.000Z",
"dateReserved": "2022-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:25:40.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0556 (GCVE-0-2022-0556)
Vulnerability from cvelistv5 – Published: 2022-04-11 11:50 – Updated: 2024-08-02 23:32
VLAI
Summary
A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator (ZAC) version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator.
Severity
7.3 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zyxel.com/support/Zyxel-security-advi… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Zyxel | Zyxel AP Configurator (ZAC) |
Affected:
V1.1.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:32:46.472Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-local-privilege-escalation-vulnerability-of-AP-Configurator.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Zyxel AP Configurator (ZAC)",
"vendor": "Zyxel",
"versions": [
{
"status": "affected",
"version": "V1.1.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator (ZAC) version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T11:50:16.000Z",
"orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"shortName": "Zyxel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-local-privilege-escalation-vulnerability-of-AP-Configurator.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2022-0556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Zyxel AP Configurator (ZAC)",
"version": {
"version_data": [
{
"version_value": "V1.1.4"
}
]
}
}
]
},
"vendor_name": "Zyxel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator (ZAC) version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator."
}
]
},
"impact": {
"cvss": {
"baseScore": "7.3",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zyxel.com/support/Zyxel-security-advisory-for-local-privilege-escalation-vulnerability-of-AP-Configurator.shtml",
"refsource": "CONFIRM",
"url": "https://www.zyxel.com/support/Zyxel-security-advisory-for-local-privilege-escalation-vulnerability-of-AP-Configurator.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
"assignerShortName": "Zyxel",
"cveId": "CVE-2022-0556",
"datePublished": "2022-04-11T11:50:16.000Z",
"dateReserved": "2022-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:32:46.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1256 (GCVE-0-2022-1256)
Vulnerability from cvelistv5 – Published: 2022-04-14 13:45 – Updated: 2024-08-02 23:55
VLAI
Title
Improper Privilege Management in McAfee Agent for Windows
Summary
A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user's %TEMP% directory with System privileges through manipulation of symbolic links.
Severity
7.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=conten… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| McAfee,LLC | McAfee Agent for Windows |
Affected:
unspecified , < 5.7.6
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10382"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "McAfee Agent for Windows",
"vendor": "McAfee,LLC",
"versions": [
{
"lessThan": "5.7.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user\u0027s %TEMP% directory with System privileges through manipulation of symbolic links."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-14T13:45:17.000Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10382"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Privilege Management in McAfee Agent for Windows",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"ID": "CVE-2022-1256",
"STATE": "PUBLIC",
"TITLE": "Improper Privilege Management in McAfee Agent for Windows"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee Agent for Windows",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "5.7.6"
}
]
}
}
]
},
"vendor_name": "McAfee,LLC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user\u0027s %TEMP% directory with System privileges through manipulation of symbolic links."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10382",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10382"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2022-1256",
"datePublished": "2022-04-14T13:45:17.000Z",
"dateReserved": "2022-04-06T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:55:24.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1397 (GCVE-0-2022-1397)
Vulnerability from cvelistv5 – Published: 2022-05-10 10:05 – Updated: 2024-08-03 00:03
VLAI
Title
API Privilege Escalation in alextselegidis/easyappointments
Summary
API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover.
Severity
8.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://huntr.dev/bounties/5f69e094-ab8c-47a3-b01… | x_refsource_CONFIRM |
| https://github.com/alextselegidis/easyappointment… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| alextselegidis | alextselegidis/easyappointments |
Affected:
unspecified , < 1.5.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:03:06.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/5f69e094-ab8c-47a3-b01d-8c12a3b14c61"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/alextselegidis/easyappointments/commit/63dbb51decfcc1631c398ecd6d30e3a337845526"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "alextselegidis/easyappointments",
"vendor": "alextselegidis",
"versions": [
{
"lessThan": "1.5.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-10T10:05:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/5f69e094-ab8c-47a3-b01d-8c12a3b14c61"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/alextselegidis/easyappointments/commit/63dbb51decfcc1631c398ecd6d30e3a337845526"
}
],
"source": {
"advisory": "5f69e094-ab8c-47a3-b01d-8c12a3b14c61",
"discovery": "EXTERNAL"
},
"title": "API Privilege Escalation in alextselegidis/easyappointments",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1397",
"STATE": "PUBLIC",
"TITLE": "API Privilege Escalation in alextselegidis/easyappointments"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "alextselegidis/easyappointments",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.5.0"
}
]
}
}
]
},
"vendor_name": "alextselegidis"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/5f69e094-ab8c-47a3-b01d-8c12a3b14c61",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/5f69e094-ab8c-47a3-b01d-8c12a3b14c61"
},
{
"name": "https://github.com/alextselegidis/easyappointments/commit/63dbb51decfcc1631c398ecd6d30e3a337845526",
"refsource": "MISC",
"url": "https://github.com/alextselegidis/easyappointments/commit/63dbb51decfcc1631c398ecd6d30e3a337845526"
}
]
},
"source": {
"advisory": "5f69e094-ab8c-47a3-b01d-8c12a3b14c61",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1397",
"datePublished": "2022-05-10T10:05:10.000Z",
"dateReserved": "2022-04-19T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:03:06.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-1
Phases: Architecture and Design, Operation
Description:
- Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation ID: MIT-48
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- Follow the principle of least privilege when assigning access rights to entities in a software system.
Mitigation ID: MIT-49
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
CAPEC-122: Privilege Abuse
An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-58: Restful Privilege Elevation
An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.