CWE-269
Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
CVE-2024-31290 (GCVE-0-2024-31290)
Vulnerability from cvelistv5 – Published: 2024-05-17 08:54 – Updated: 2026-04-28 16:09
VLAI
Title
WordPress Demo My WordPress plugin <= 1.0.9.1 - Unauthenticated Privilege Escalation vulnerability
Summary
Improper Privilege Management vulnerability in CodeRevolution Demo My WordPress allows Privilege Escalation.This issue affects Demo My WordPress: from n/a through 1.0.9.1.
Severity
9.8 (Critical)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/dem… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CodeRevolution | Demo My WordPress |
Affected:
n/a , ≤ 1.0.9.1
(custom)
|
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:coderevolution:demo_my_wordpress:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "demo_my_wordpress",
"vendor": "coderevolution",
"versions": [
{
"lessThan": "1.0.9.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31290",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-20T14:09:52.114681Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:37:09.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:46:04.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/demo-my-wordpress/wordpress-demo-my-wordpress-plugin-1-0-9-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Demo My WordPress",
"vendor": "CodeRevolution",
"versions": [
{
"changes": [
{
"at": "1.1.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.9.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Dave Jong (Patchstack)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Privilege Management vulnerability in CodeRevolution Demo My WordPress allows Privilege Escalation.\u003cp\u003eThis issue affects Demo My WordPress: from n/a through 1.0.9.1.\u003c/p\u003e"
}
],
"value": "Improper Privilege Management vulnerability in CodeRevolution Demo My WordPress allows Privilege Escalation.This issue affects Demo My WordPress: from n/a through 1.0.9.1."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:30.316Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/demo-my-wordpress/wordpress-demo-my-wordpress-plugin-1-0-9-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 1.1.0 or a higher version."
}
],
"value": "Update to 1.1.0 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Demo My WordPress plugin \u003c= 1.0.9.1 - Unauthenticated Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-31290",
"datePublished": "2024-05-17T08:54:36.992Z",
"dateReserved": "2024-03-29T17:22:51.686Z",
"dateUpdated": "2026-04-28T16:09:30.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-3137 (GCVE-0-2024-3137)
Vulnerability from cvelistv5 – Published: 2024-04-02 00:00 – Updated: 2024-09-06 16:21
VLAI
Title
Improper Privilege Management in uvdesk/community-skeleton
Summary
Improper Privilege Management in uvdesk/community-skeleton
Severity
7.1 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| uvdesk | uvdesk/community-skeleton |
Affected:
unspecified , ≤ latest
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:32:42.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.com/bounties/faf74783-644c-40cd-aa98-2239e5fafcd1"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:uvdesk:community-skeleton:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "community-skeleton",
"vendor": "uvdesk",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3137",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T14:23:29.976445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T16:21:28.198Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "uvdesk/community-skeleton",
"vendor": "uvdesk",
"versions": [
{
"lessThanOrEqual": "latest",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Privilege Management in uvdesk/community-skeleton"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-02T00:00:14.584Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/faf74783-644c-40cd-aa98-2239e5fafcd1"
}
],
"source": {
"advisory": "faf74783-644c-40cd-aa98-2239e5fafcd1",
"discovery": "EXTERNAL"
},
"title": "Improper Privilege Management in uvdesk/community-skeleton"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-3137",
"datePublished": "2024-04-02T00:00:14.584Z",
"dateReserved": "2024-04-01T16:04:58.221Z",
"dateUpdated": "2024-09-06T16:21:28.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32003 (GCVE-0-2024-32003)
Vulnerability from cvelistv5 – Published: 2024-04-12 20:21 – Updated: 2024-08-02 01:59
VLAI
Title
Dusk plugin may allow unfettered user authentication in misconfigured installs
Summary
wn-dusk-plugin (Dusk plugin) is a plugin which integrates Laravel Dusk browser testing into Winter CMS. The Dusk plugin provides some special routes as part of its testing framework to allow a browser environment (such as headless Chrome) to act as a user in the Backend or User plugin without having to go through authentication. This route is `[[URL]]/_dusk/login/[[USER ID]]/[[MANAGER]]` - where `[[URL]]` is the base URL of the site, `[[USER ID]]` is the ID of the user account and `[[MANAGER]]` is the authentication manager (either `backend` for Backend, or `user` for the User plugin). If a configuration of a site using the Dusk plugin is set up in such a way that the Dusk plugin is available publicly and the test cases in Dusk are run with live data, this route may potentially be used to gain access to any user account in either the Backend or User plugin without authentication. As indicated in the `README`, this plugin should only be used in development and should *NOT* be used in a production instance. It is specifically recommended that the plugin be installed as a development dependency only in Composer. In order to remediate this issue, the special routes used above will now no longer be registered unless the `APP_ENV` environment variable is specifically set to `dusk`. Since Winter by default does not use this environment variable and it is not populated by default, it will only exist if Dusk's automatic configuration is used (which won't exhibit this vulnerability) or if a developer manually specifies it in their configuration. The automatic configuration performed by the Dusk plugin has also been hardened by default to use sane defaults and not allow external environment variables to leak into this configuration. This will only affect users in which the Winter CMS installation meets ALL the following criteria: 1. The Dusk plugin is installed in the Winter CMS instance. 2. The application is in production mode (ie. the `debug` config value is set to `true` in `config/app.php`). 3. The Dusk plugin's automatic configuration has been overridden, either by providing a custom `.env.dusk` file or by providing custom configuration in the `config/dusk` folder, or by providing configuration environment variables externally. 4. The environment has been configured to use production data in the database for testing, and not the temporary SQLite database that Dusk uses by default. 5. The application is connectable via the web. This issue has been fixed in version 2.1.0. Users are advised to upgrade.
Severity
8.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/wintercms/wn-dusk-plugin/secur… | x_refsource_CONFIRM |
| https://github.com/wintercms/wn-dusk-plugin/blob/… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| wintercms | wn-dusk-plugin |
Affected:
< 2.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wintercms:wn-dusk-plugin:2.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wn-dusk-plugin",
"vendor": "wintercms",
"versions": [
{
"lessThan": "2.1.0",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T18:31:22.488666Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:51:56.391Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:59:50.827Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/wintercms/wn-dusk-plugin/security/advisories/GHSA-chcp-g9j5-3xxx",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wintercms/wn-dusk-plugin/security/advisories/GHSA-chcp-g9j5-3xxx"
},
{
"name": "https://github.com/wintercms/wn-dusk-plugin/blob/main/README.md",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wintercms/wn-dusk-plugin/blob/main/README.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "wn-dusk-plugin",
"vendor": "wintercms",
"versions": [
{
"status": "affected",
"version": "\u003c 2.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "wn-dusk-plugin (Dusk plugin) is a plugin which integrates Laravel Dusk browser testing into Winter CMS. The Dusk plugin provides some special routes as part of its testing framework to allow a browser environment (such as headless Chrome) to act as a user in the Backend or User plugin without having to go through authentication. This route is `[[URL]]/_dusk/login/[[USER ID]]/[[MANAGER]]` - where `[[URL]]` is the base URL of the site, `[[USER ID]]` is the ID of the user account and `[[MANAGER]]` is the authentication manager (either `backend` for Backend, or `user` for the User plugin). If a configuration of a site using the Dusk plugin is set up in such a way that the Dusk plugin is available publicly and the test cases in Dusk are run with live data, this route may potentially be used to gain access to any user account in either the Backend or User plugin without authentication. As indicated in the `README`, this plugin should only be used in development and should *NOT* be used in a production instance. It is specifically recommended that the plugin be installed as a development dependency only in Composer. In order to remediate this issue, the special routes used above will now no longer be registered unless the `APP_ENV` environment variable is specifically set to `dusk`. Since Winter by default does not use this environment variable and it is not populated by default, it will only exist if Dusk\u0027s automatic configuration is used (which won\u0027t exhibit this vulnerability) or if a developer manually specifies it in their configuration. The automatic configuration performed by the Dusk plugin has also been hardened by default to use sane defaults and not allow external environment variables to leak into this configuration. This will only affect users in which the Winter CMS installation meets ALL the following criteria: 1. The Dusk plugin is installed in the Winter CMS instance. 2. The application is in production mode (ie. the `debug` config value is set to `true` in `config/app.php`). 3. The Dusk plugin\u0027s automatic configuration has been overridden, either by providing a custom `.env.dusk` file or by providing custom configuration in the `config/dusk` folder, or by providing configuration environment variables externally. 4. The environment has been configured to use production data in the database for testing, and not the temporary SQLite database that Dusk uses by default. 5. The application is connectable via the web. This issue has been fixed in version 2.1.0. Users are advised to upgrade."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-12T20:21:40.799Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/wintercms/wn-dusk-plugin/security/advisories/GHSA-chcp-g9j5-3xxx",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wintercms/wn-dusk-plugin/security/advisories/GHSA-chcp-g9j5-3xxx"
},
{
"name": "https://github.com/wintercms/wn-dusk-plugin/blob/main/README.md",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wintercms/wn-dusk-plugin/blob/main/README.md"
}
],
"source": {
"advisory": "GHSA-chcp-g9j5-3xxx",
"discovery": "UNKNOWN"
},
"title": "Dusk plugin may allow unfettered user authentication in misconfigured installs"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-32003",
"datePublished": "2024-04-12T20:21:40.799Z",
"dateReserved": "2024-04-08T13:48:37.492Z",
"dateUpdated": "2024-08-02T01:59:50.827Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32507 (GCVE-0-2024-32507)
Vulnerability from cvelistv5 – Published: 2024-05-17 08:55 – Updated: 2026-04-28 16:09
VLAI
Title
WordPress Login with phone number plugin <= 1.7.16 - Privilege Escalation vulnerability
Summary
Incorrect Privilege Assignment vulnerability in Hamid Alinia Login with phone number login-with-phone-number.This issue affects Login with phone number: from n/a through <= 1.7.16.
Severity
8.8 (High)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hamid Alinia | Login with phone number |
Affected:
0 , ≤ 1.7.16
(custom)
|
Date Public
2026-04-01 16:24
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32507",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-22T17:17:35.723445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:51:41.338Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:13:39.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/login-with-phone-number/wordpress-login-with-phone-number-plugin-1-7-16-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "login-with-phone-number",
"product": "Login with phone number",
"vendor": "Hamid Alinia",
"versions": [
{
"changes": [
{
"at": "1.7.17",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.7.16",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Emili Castells | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:24:53.849Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Privilege Assignment vulnerability in Hamid Alinia Login with phone number login-with-phone-number.\u003cp\u003eThis issue affects Login with phone number: from n/a through \u003c= 1.7.16.\u003c/p\u003e"
}
],
"value": "Incorrect Privilege Assignment vulnerability in Hamid Alinia Login with phone number login-with-phone-number.This issue affects Login with phone number: from n/a through \u003c= 1.7.16."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:35.888Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/login-with-phone-number/vulnerability/wordpress-login-with-phone-number-plugin-1-7-16-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "WordPress Login with phone number plugin \u003c= 1.7.16 - Privilege Escalation vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-32507",
"datePublished": "2024-05-17T08:55:21.488Z",
"dateReserved": "2024-04-15T09:12:58.411Z",
"dateUpdated": "2026-04-28T16:09:35.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-32511 (GCVE-0-2024-32511)
Vulnerability from cvelistv5 – Published: 2024-05-17 08:55 – Updated: 2026-04-28 16:09
VLAI
Title
WordPress Simple Registration for WooCommerce plugin <= 1.5.6 - Unauthenticated Privilege Escalation vulnerability
Summary
Improper Privilege Management vulnerability in Astoundify Simple Registration for WooCommerce allows Privilege Escalation.This issue affects Simple Registration for WooCommerce: from n/a through 1.5.6.
Severity
9.8 (Critical)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/woo… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Astoundify | Simple Registration for WooCommerce |
Affected:
n/a , ≤ 1.5.6
(custom)
|
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:astoundify:simple_registration_for_woocommerce:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "simple_registration_for_woocommerce",
"vendor": "astoundify",
"versions": [
{
"lessThanOrEqual": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32511",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-22T18:49:45.767183Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:51:37.045Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:13:39.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/woocommerce-simple-registration/wordpress-simple-registration-for-woocommerce-plugin-1-5-6-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "woocommerce-simple-registration",
"product": "Simple Registration for WooCommerce",
"vendor": "Astoundify",
"versions": [
{
"lessThanOrEqual": "1.5.6",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "NG\u00d4 THI\u00caN AN / ancorn_ from VNPT-VCI (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Privilege Management vulnerability in Astoundify Simple Registration for WooCommerce allows Privilege Escalation.\u003cp\u003eThis issue affects Simple Registration for WooCommerce: from n/a through 1.5.6.\u003c/p\u003e"
}
],
"value": "Improper Privilege Management vulnerability in Astoundify Simple Registration for WooCommerce allows Privilege Escalation.This issue affects Simple Registration for WooCommerce: from n/a through 1.5.6."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:35.893Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/woocommerce-simple-registration/wordpress-simple-registration-for-woocommerce-plugin-1-5-6-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Simple Registration for WooCommerce plugin \u003c= 1.5.6 - Unauthenticated Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-32511",
"datePublished": "2024-05-17T08:55:57.514Z",
"dateReserved": "2024-04-15T09:12:58.411Z",
"dateUpdated": "2026-04-28T16:09:35.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-32854 (GCVE-0-2024-32854)
Vulnerability from cvelistv5 – Published: 2024-07-02 07:08 – Updated: 2024-08-02 02:20
VLAI
Summary
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privilege attacker could potentially exploit this vulnerability, leading to privilege escalation.
Severity
6.7 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022656… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerScale OneFS |
Affected:
8.2.2.x , ≤ 9.5.0.8
(semver)
Affected: 8.2.2.x , ≤ 9.7.0.0 (semver) Affected: 9.7.0.1 , ≤ 9.7.0.2 (semver) Affected: 9.7.0.3 Affected: 9.8.0.0 |
Date Public
2024-07-01 06:30
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dell:powerscale_onefs:8.2.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "powerscale_onefs",
"vendor": "dell",
"versions": [
{
"lessThanOrEqual": "9.8.0.0",
"status": "affected",
"version": "8.2.2",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32854",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T14:00:36.836916Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T16:20:03.387Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000226569/dsa-2024-255-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerScale OneFS",
"vendor": "Dell",
"versions": [
{
"lessThanOrEqual": "9.5.0.8",
"status": "affected",
"version": "8.2.2.x",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.7.0.0",
"status": "affected",
"version": "8.2.2.x",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.7.0.2",
"status": "affected",
"version": "9.7.0.1",
"versionType": "semver"
},
{
"status": "affected",
"version": "9.7.0.3"
},
{
"status": "affected",
"version": "9.8.0.0"
}
]
}
],
"datePublic": "2024-07-01T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privilege attacker could potentially exploit this vulnerability, leading to privilege escalation."
}
],
"value": "Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privilege attacker could potentially exploit this vulnerability, leading to privilege escalation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T07:08:29.778Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000226569/dsa-2024-255-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-32854",
"datePublished": "2024-07-02T07:08:29.778Z",
"dateReserved": "2024-04-19T09:34:13.525Z",
"dateUpdated": "2024-08-02T02:20:35.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32959 (GCVE-0-2024-32959)
Vulnerability from cvelistv5 – Published: 2024-05-17 09:40 – Updated: 2026-04-28 16:09
VLAI
Title
WordPress Sirv plugin <= 7.2.2 - Arbitrary Option Update to Privilege Escalation vulnerability
Summary
Incorrect Privilege Assignment vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through <= 7.2.2.
Severity
8.8 (High)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sirv CDN and Image Hosting | Sirv |
Affected:
0 , ≤ 7.2.2
(custom)
|
Date Public
2026-04-01 16:25
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:sirv:sirv:-:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "sirv",
"vendor": "sirv",
"versions": [
{
"lessThanOrEqual": "7.2.2",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32959",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-17T15:48:36.006614Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:49:47.554Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:27:53.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/sirv/wordpress-sirv-plugin-7-2-2-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "sirv",
"product": "Sirv",
"vendor": "Sirv CDN and Image Hosting",
"versions": [
{
"changes": [
{
"at": "7.2.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "7.2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Emili Castells | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:25:22.073Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Privilege Assignment vulnerability in Sirv CDN and Image Hosting Sirv sirv.\u003cp\u003eThis issue affects Sirv: from n/a through \u003c= 7.2.2.\u003c/p\u003e"
}
],
"value": "Incorrect Privilege Assignment vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through \u003c= 7.2.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:42.367Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/sirv/vulnerability/wordpress-sirv-plugin-7-2-2-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "WordPress Sirv plugin \u003c= 7.2.2 - Arbitrary Option Update to Privilege Escalation vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-32959",
"datePublished": "2024-05-17T09:40:23.092Z",
"dateReserved": "2024-04-22T10:42:22.448Z",
"dateUpdated": "2026-04-28T16:09:42.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-32960 (GCVE-0-2024-32960)
Vulnerability from cvelistv5 – Published: 2024-05-17 09:40 – Updated: 2026-04-28 16:09
VLAI
Title
WordPress Booking Ultra Pro plugin 1.1.12 - Privilege Escalation vulnerability
Summary
Improper Privilege Management vulnerability in Booking Ultra Pro allows Privilege Escalation.This issue affects Booking Ultra Pro: from n/a through 1.1.12.
Severity
8.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/boo… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Booking Ultra Pro | Booking Ultra Pro |
Affected:
n/a , ≤ 1.1.12
(custom)
|
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:bookingultrapro:booking_ultra_pro_appointments_booking_calendar:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unaffected",
"product": "booking_ultra_pro_appointments_booking_calendar",
"vendor": "bookingultrapro",
"versions": [
{
"lessThanOrEqual": "1.1.12",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.1.13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32960",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-23T19:51:15.646394Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-25T13:33:03.528Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:27:52.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/booking-ultra-pro/wordpress-booking-ultra-pro-plugin-1-1-12-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "booking-ultra-pro",
"product": "Booking Ultra Pro",
"vendor": "Booking Ultra Pro",
"versions": [
{
"changes": [
{
"at": "1.1.13",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.1.12",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Emili Castells (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Privilege Management vulnerability in Booking Ultra Pro allows Privilege Escalation.\u003cp\u003eThis issue affects Booking Ultra Pro: from n/a through 1.1.12.\u003c/p\u003e"
}
],
"value": "Improper Privilege Management vulnerability in Booking Ultra Pro allows Privilege Escalation.This issue affects Booking Ultra Pro: from n/a through 1.1.12."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:42.334Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/booking-ultra-pro/wordpress-booking-ultra-pro-plugin-1-1-12-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 1.1.13 or a higher version."
}
],
"value": "Update to 1.1.13 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Booking Ultra Pro plugin 1.1.12 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-32960",
"datePublished": "2024-05-17T09:40:45.585Z",
"dateReserved": "2024-04-22T10:42:22.448Z",
"dateUpdated": "2026-04-28T16:09:42.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-33500 (GCVE-0-2024-33500)
Vulnerability from cvelistv5 – Published: 2024-06-11 11:15 – Updated: 2024-09-06 17:00
VLAI
Summary
A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.11.0), Mendix Applications using Mendix 10 (V10.6) (All versions < V10.6.9), Mendix Applications using Mendix 9 (All versions >= V9.3.0 < V9.24.22). Affected applications could allow users with the capability to manage a role to elevate the access rights of users with that role. Successful exploitation requires to guess the id of a target role which contains the elevated access rights.
Severity
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | Mendix Applications using Mendix 10 |
Affected:
0 , < V10.11.0
(custom)
|
|
| Siemens | Mendix Applications using Mendix 10 (V10.6) |
Affected:
0 , < V10.6.9
(custom)
|
|
| Siemens | Mendix Applications using Mendix 9 |
Affected:
V9.3.0 , < V9.24.22
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:36:03.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-540640.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mendix",
"vendor": "siemens",
"versions": [
{
"lessThan": "10.11.0",
"status": "affected",
"version": "10..0",
"versionType": "custom"
},
{
"lessThan": "10.6.9",
"status": "affected",
"version": "10.6",
"versionType": "custom"
},
{
"lessThan": "9.24.22",
"status": "affected",
"version": "9.3.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-33500",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-20T16:28:31.756301Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T17:00:43.293Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Mendix Applications using Mendix 10",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V10.11.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Mendix Applications using Mendix 10 (V10.6)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V10.6.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Mendix Applications using Mendix 9",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.24.22",
"status": "affected",
"version": "V9.3.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions \u003c V10.11.0), Mendix Applications using Mendix 10 (V10.6) (All versions \u003c V10.6.9), Mendix Applications using Mendix 9 (All versions \u003e= V9.3.0 \u003c V9.24.22). Affected applications could allow users with the capability to manage a role to elevate the access rights of users with that role. Successful exploitation requires to guess the id of a target role which contains the elevated access rights."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-11T14:20:45.931Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-540640.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-33500",
"datePublished": "2024-06-11T11:15:43.422Z",
"dateReserved": "2024-04-23T12:07:54.905Z",
"dateUpdated": "2024-09-06T17:00:43.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-33522 (GCVE-0-2024-33522)
Vulnerability from cvelistv5 – Published: 2024-04-29 22:19 – Updated: 2024-08-02 02:36
VLAI
Title
Privilege escalation in Calico CNI install binary
Summary
In vulnerable versions of Calico (v3.27.2 and below), Calico Enterprise (v3.19.0-1, v3.18.1, v3.17.3 and below), and Calico Cloud (v19.2.0 and below), an attacker who has local access to the Kubernetes node, can escalate their privileges by exploiting a vulnerability in the Calico CNI install binary. The issue arises from an incorrect SUID (Set User ID) bit configuration in the binary, combined with the ability to control the input binary, allowing an attacker to execute an arbitrary binary with elevated privileges.
Severity
6.7 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/projectcalico/calico/issues/7981 | exploitissue-tracking |
| https://github.com/projectcalico/calico/pull/8447 | patch |
| https://github.com/projectcalico/calico/pull/8517 | patch |
| https://www.tigera.io/security-bulletins-tta-2024-001/ | vendor-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Tigera | Calico |
Affected:
0 , < v3.26.5
(semver)
Affected: v3.27.0 , < v3.27.3 (semver) Unaffected: v3.28.0 |
|
| Tigera | Calico Enterprise |
Affected:
0 , < v3.17.4
(semver)
Affected: v3.18.0 , < v3.18.2 (semver) Affected: v3.19.0-1.0 , < v3.19.0-2.0 (semver) |
|
| Tigera | Calico Cloud |
Affected:
0 , < v19.3.0
(semver)
|
Date Public
2024-04-29 19:57
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:tigera:calico:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "calico",
"vendor": "tigera",
"versions": [
{
"lessThan": "v3.26.5",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "v3.27.3",
"status": "affected",
"version": "v3.27.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "v3.28.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:tigera:calico_enterprise:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "calico_enterprise",
"vendor": "tigera",
"versions": [
{
"lessThan": "v3.17.4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "v3.18.2",
"status": "affected",
"version": "v3.18.0",
"versionType": "semver"
},
{
"lessThan": "v3.19.0-2.0",
"status": "affected",
"version": "v3.19.0-1.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:tigera:calico_cloud:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "calico_cloud",
"vendor": "tigera",
"versions": [
{
"lessThan": "v19.3.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-33522",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T16:51:23.967533Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T17:09:59.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:36:04.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/projectcalico/calico/issues/7981"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/projectcalico/calico/pull/8447"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/projectcalico/calico/pull/8517"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.tigera.io/security-bulletins-tta-2024-001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "cni-plugin",
"product": "Calico",
"repo": "https://www.tigera.io/tigera-products/calico/",
"vendor": "Tigera",
"versions": [
{
"lessThan": "v3.26.5",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "v3.27.3",
"status": "affected",
"version": "v3.27.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "v3.28.0"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "cni-plugin",
"product": "Calico Enterprise ",
"vendor": "Tigera",
"versions": [
{
"lessThan": "v3.17.4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "v3.18.2",
"status": "affected",
"version": "v3.18.0",
"versionType": "semver"
},
{
"lessThan": "v3.19.0-2.0",
"status": "affected",
"version": "v3.19.0-1.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "cni-plugin",
"product": "Calico Cloud",
"vendor": "Tigera",
"versions": [
{
"lessThan": "v19.3.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Christopher Alonso (Github: @latortuga71)"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Anthony Tam"
},
{
"lang": "en",
"type": "remediation verifier",
"value": "Behnam Shobiri"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Pedro Coutinho"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Matt Dupre"
}
],
"datePublic": "2024-04-29T19:57:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eIn vulnerable \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003eversions of Calico (v3.27.2 and below), Calico Enterprise (v3.19.0-1, v3.18.1, v3.17.3 and below), and Calico Cloud (v19.2.0 and below), an attacker who has local access to the Kubernetes node, can escalate their privileges by exploiting a vulnerability in the Calico CNI install binary. The issue arises from an incorrect SUID (Set User ID) bit configuration in the binary, combined with the ability to control the input binary, allowing an attacker to execute an arbitrary binary with elevated privileges.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "In vulnerable versions of Calico (v3.27.2 and below), Calico Enterprise (v3.19.0-1, v3.18.1, v3.17.3 and below), and Calico Cloud (v19.2.0 and below), an attacker who has local access to the Kubernetes node, can escalate their privileges by exploiting a vulnerability in the Calico CNI install binary. The issue arises from an incorrect SUID (Set User ID) bit configuration in the binary, combined with the ability to control the input binary, allowing an attacker to execute an arbitrary binary with elevated privileges.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-29T22:19:06.908Z",
"orgId": "e6d453f4-3dae-4941-bcea-9af25f4e824d",
"shortName": "Tigera"
},
"references": [
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/projectcalico/calico/issues/7981"
},
{
"tags": [
"patch"
],
"url": "https://github.com/projectcalico/calico/pull/8447"
},
{
"tags": [
"patch"
],
"url": "https://github.com/projectcalico/calico/pull/8517"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.tigera.io/security-bulletins-tta-2024-001/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Privilege escalation in Calico CNI install binary",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e6d453f4-3dae-4941-bcea-9af25f4e824d",
"assignerShortName": "Tigera",
"cveId": "CVE-2024-33522",
"datePublished": "2024-04-29T22:19:06.908Z",
"dateReserved": "2024-04-23T16:32:33.170Z",
"dateUpdated": "2024-08-02T02:36:04.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-1
Phases: Architecture and Design, Operation
Description:
- Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation ID: MIT-48
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- Follow the principle of least privilege when assigning access rights to entities in a software system.
Mitigation ID: MIT-49
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
CAPEC-122: Privilege Abuse
An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-58: Restful Privilege Elevation
An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.