CWE-274
DiscouragedImproper Handling of Insufficient Privileges
Abstraction: Base · Status: Draft
The product does not handle or incorrectly handles when it has insufficient privileges to perform an operation, leading to resultant weaknesses.
54 vulnerabilities reference this CWE, most recent first.
GHSA-5X8J-G9XW-PCMW
Vulnerability from github – Published: 2025-09-06 18:30 – Updated: 2025-09-06 18:30Improper handling of insufficiency privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs) potentially resulting in loss of confidentiality or integrity.
{
"affected": [],
"aliases": [
"CVE-2023-20516"
],
"database_specific": {
"cwe_ids": [
"CWE-274"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-06T17:15:29Z",
"severity": "LOW"
},
"details": "Improper handling of insufficiency privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs) potentially resulting in loss of confidentiality or integrity.",
"id": "GHSA-5x8j-g9xw-pcmw",
"modified": "2025-09-06T18:30:32Z",
"published": "2025-09-06T18:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20516"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6018.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-72PF-J5FJ-GG32
Vulnerability from github – Published: 2021-11-19 00:00 – Updated: 2022-10-27 19:00Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal database tables, could allow anybody with user credentials to bypass security controls that is enforced by the product. Consequently, exploitation may lead to unauthorized modifications on data/firmware, and/or to permanently disabling the product. This issue affects: Hitachi Energy Relion 670 Series 2.0 all revisions; 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.5. Hitachi Energy Relion 670/650 Series 2.1 all revisions. 2.2.0 all revisions; 2.2.4 all revisions; Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions; 2.2.5 versions prior to 2.2.5.2. Hitachi Energy Relion 650 1.0 all revisions. 1.1 all revisions; 1.2 all revisions; 1.3 versions prior to 1.3.0.8; Hitachi Energy GMS600 1.3.0; 1.3.0.1; 1.2.0. Hitachi Energy PWC600 1.0.1 version 1.0.1.4 and prior versions; 1.1.0 version 1.1.0.1 and prior versions.
{
"affected": [],
"aliases": [
"CVE-2021-35534"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-274",
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-18T17:15:00Z",
"severity": "HIGH"
},
"details": "Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal database tables, could allow anybody with user credentials to bypass security controls that is enforced by the product. Consequently, exploitation may lead to unauthorized modifications on data/firmware, and/or to permanently disabling the product. This issue affects: Hitachi Energy Relion 670 Series 2.0 all revisions; 2.2.2 all revisions; 2.2.3 versions prior to 2.2.3.5. Hitachi Energy Relion 670/650 Series 2.1 all revisions. 2.2.0 all revisions; 2.2.4 all revisions; Hitachi Energy Relion 670/650/SAM600-IO 2.2.1 all revisions; 2.2.5 versions prior to 2.2.5.2. Hitachi Energy Relion 650 1.0 all revisions. 1.1 all revisions; 1.2 all revisions; 1.3 versions prior to 1.3.0.8; Hitachi Energy GMS600 1.3.0; 1.3.0.1; 1.2.0. Hitachi Energy PWC600 1.0.1 version 1.0.1.4 and prior versions; 1.1.0 version 1.1.0.1 and prior versions.",
"id": "GHSA-72pf-j5fj-gg32",
"modified": "2022-10-27T19:00:29Z",
"published": "2021-11-19T00:00:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35534"
},
{
"type": "WEB",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000058\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"type": "WEB",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000059\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"type": "WEB",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000060\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-78CG-FC6C-W44W
Vulnerability from github – Published: 2026-04-09 18:31 – Updated: 2026-04-10 21:35Sny registered user can query web service with their credentials and get files/sub-folders of any folder by ID (metadata only NOT contents). Metadata includes id, type, name and some other field. Full list of fields get be checked at FileItemDTO object.
This issue affects Apache OpenMeetings: from 3.10 before 9.0.0.
Users are recommended to upgrade to version 9.0.0, which fixes the issue.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.openmeetings:openmeetings-parent"
},
"ranges": [
{
"events": [
{
"introduced": "3.10"
},
{
"fixed": "9.0.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-33005"
],
"database_specific": {
"cwe_ids": [
"CWE-274"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-10T21:24:13Z",
"nvd_published_at": "2026-04-09T16:16:26Z",
"severity": "MODERATE"
},
"details": "Sny registered user can query web service with their credentials and get files/sub-folders of any folder by ID (metadata only NOT contents). Metadata includes id, type, name and some other field. Full list of fields get be checked at\u00a0FileItemDTO\u00a0object.\n\nThis issue affects Apache OpenMeetings: from 3.10 before 9.0.0.\n\nUsers are recommended to upgrade to version 9.0.0, which fixes the issue.",
"id": "GHSA-78cg-fc6c-w44w",
"modified": "2026-04-10T21:35:08Z",
"published": "2026-04-09T18:31:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33005"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/openmeetings"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/pttoprd628g3xr6lpp3bm1z8m3z8t4p7"
},
{
"type": "WEB",
"url": "https://openmeetings.apache.org/openmeetings-db/apidocs/org.apache.openmeetings.db/org/apache/openmeetings/db/dto/file/FileItemDTO.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/04/09/10"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Apache OpenMeetings has an Improper Handling of Insufficient Privileges vulnerability"
}
GHSA-83QC-96JM-C5Q7
Vulnerability from github – Published: 2024-11-01 06:30 – Updated: 2024-11-01 06:30NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.
{
"affected": [],
"aliases": [
"CVE-2024-0106"
],
"database_specific": {
"cwe_ids": [
"CWE-274"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-01T06:15:12Z",
"severity": "HIGH"
},
"details": "NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.",
"id": "GHSA-83qc-96jm-c5q7",
"modified": "2024-11-01T06:30:35Z",
"published": "2024-11-01T06:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0106"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5562"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8M34-GHFG-XXC2
Vulnerability from github – Published: 2025-01-22 18:31 – Updated: 2025-01-22 18:31A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device.
This vulnerability exists because proper authorization is not enforced upon REST API users. An attacker could exploit this vulnerability by sending API requests to a specific endpoint. A successful exploit could allow the attacker to gain administrator-level control over edge nodes that are managed by Cisco Meeting Management.
{
"affected": [],
"aliases": [
"CVE-2025-20156"
],
"database_specific": {
"cwe_ids": [
"CWE-274",
"CWE-276"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-22T17:15:12Z",
"severity": "CRITICAL"
},
"details": "A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device.\n\nThis vulnerability exists because proper authorization is not enforced upon\u0026nbsp;REST API users. An attacker could exploit this vulnerability by sending API requests to a specific endpoint. A successful exploit could allow the attacker to gain administrator-level control over edge nodes that are managed by Cisco Meeting Management.",
"id": "GHSA-8m34-ghfg-xxc2",
"modified": "2025-01-22T18:31:56Z",
"published": "2025-01-22T18:31:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20156"
},
{
"type": "WEB",
"url": "https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-privesc-uy2Vf8pc"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8R6J-WMVW-5VCW
Vulnerability from github – Published: 2023-08-16 15:30 – Updated: 2024-04-04 06:59Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also.
{
"affected": [],
"aliases": [
"CVE-2023-32494"
],
"database_specific": {
"cwe_ids": [
"CWE-274"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-16T13:15:10Z",
"severity": "MODERATE"
},
"details": "\nDell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also.\n\n",
"id": "GHSA-8r6j-wmvw-5vcw",
"modified": "2024-04-04T06:59:30Z",
"published": "2023-08-16T15:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32494"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9MV8-435W-VW85
Vulnerability from github – Published: 2024-03-27 18:32 – Updated: 2024-03-27 18:32A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, low-privileged, local attacker to access WLAN configuration details including passwords.
This vulnerability is due to improper privilege checks. An attacker could exploit this vulnerability by using the show and show tech wireless CLI commands to access configuration details, including passwords. A successful exploit could allow the attacker to access configuration details that they are not authorized to access.
{
"affected": [],
"aliases": [
"CVE-2024-20324"
],
"database_specific": {
"cwe_ids": [
"CWE-274"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-27T17:15:53Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, low-privileged, local attacker to access WLAN configuration details including passwords.\n\n This vulnerability is due to improper privilege checks. An attacker could exploit this vulnerability by using the show and show tech wireless CLI commands to access configuration details, including passwords. A successful exploit could allow the attacker to access configuration details that they are not authorized to access.",
"id": "GHSA-9mv8-435w-vw85",
"modified": "2024-03-27T18:32:38Z",
"published": "2024-03-27T18:32:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20324"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-wlc-privesc-RjSMrmPK"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-9X4Q-3GXW-849F
Vulnerability from github – Published: 2024-08-08 14:37 – Updated: 2025-01-21 17:56Summary
If a user is granted the admin:users scope, they may escalate their own privileges by making themselves a full admin user.
Details
The admin:users scope allows a user to edit user records:
admin:users
Read, write, create and delete users and their authentication state, not including their servers or tokens.
-- https://jupyterhub.readthedocs.io/en/stable/rbac/scopes.html#available-scopes
However, this includes making users admins. Admin users are granted scopes beyond admin:users making this a mechanism by which granted scopes may be escalated.
Impact
The impact is relatively small in that admin:users is already an extremely privileged scope only granted to trusted users.
In effect, admin:users is equivalent to admin=True, which is not intended.
Note that the change here only prevents escalation to the built-in JupyterHub admin role that has unrestricted permissions. It does not prevent users with e.g. groups permissions from granting themselves or other users permissions via group membership, which is intentional.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "jupyterhub"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.1.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "jupyterhub"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.1.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-41942"
],
"database_specific": {
"cwe_ids": [
"CWE-274"
],
"github_reviewed": true,
"github_reviewed_at": "2024-08-08T14:37:06Z",
"nvd_published_at": "2024-08-08T15:15:17Z",
"severity": "HIGH"
},
"details": "### Summary\n\nIf a user is granted the `admin:users` scope, they may escalate their own privileges by making themselves a full admin user.\n\n### Details\n\nThe `admin:users` scope allows a user to edit user records:\n\n\u003e admin:users\n\u003e\n\u003e Read, write, create and delete users and their authentication state, not including their servers or tokens.\n\u003e\n\u003e -- https://jupyterhub.readthedocs.io/en/stable/rbac/scopes.html#available-scopes\n\nHowever, this includes making users admins. Admin users are granted scopes beyond `admin:users` making this a mechanism by which granted scopes may be escalated.\n\n### Impact\n\nThe impact is relatively small in that `admin:users` is already an extremely privileged scope only granted to trusted users.\nIn effect, `admin:users` is equivalent to `admin=True`, which is not intended.\n\nNote that the change here only prevents escalation to the built-in JupyterHub admin role that has unrestricted permissions. It does not prevent users with e.g. `groups` permissions from granting themselves or other users permissions via group membership, which is intentional.",
"id": "GHSA-9x4q-3gxw-849f",
"modified": "2025-01-21T17:56:40Z",
"published": "2024-08-08T14:37:06Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/jupyterhub/jupyterhub/security/advisories/GHSA-9x4q-3gxw-849f"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41942"
},
{
"type": "WEB",
"url": "https://github.com/jupyterhub/jupyterhub/commit/99e2720b0fc626cbeeca3c6337f917fdacfaa428"
},
{
"type": "WEB",
"url": "https://github.com/jupyterhub/jupyterhub/commit/ff2db557a85b6980f90c3158634bf924063ab8ba"
},
{
"type": "PACKAGE",
"url": "https://github.com/jupyterhub/jupyterhub"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/jupyterhub/PYSEC-2024-200.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "JupyterHub has a privilege escalation vulnerability with the `admin:users` scope"
}
GHSA-CP5J-WRWQ-37JX
Vulnerability from github – Published: 2024-11-01 06:30 – Updated: 2024-11-01 06:30NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.
{
"affected": [],
"aliases": [
"CVE-2024-0105"
],
"database_specific": {
"cwe_ids": [
"CWE-274"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-01T06:15:12Z",
"severity": "HIGH"
},
"details": "NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.",
"id": "GHSA-cp5j-wrwq-37jx",
"modified": "2024-11-01T06:30:35Z",
"published": "2024-11-01T06:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0105"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5562"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HGHX-C858-JM7Q
Vulnerability from github – Published: 2025-03-12 18:32 – Updated: 2025-03-12 18:32A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the affected device.
This vulnerability is due to incomplete validation of files in the boot verification process. An attacker could exploit this vulnerability by manipulating the system configuration options to bypass some of the integrity checks that are performed during the boot process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass the requirement to run Cisco-signed images or alter the security properties of the running system. Note: Because exploitation of this vulnerability could result in the attacker bypassing Cisco image verification, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.
{
"affected": [],
"aliases": [
"CVE-2025-20177"
],
"database_specific": {
"cwe_ids": [
"CWE-274"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-12T16:15:22Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the affected device.\n\nThis vulnerability is due to incomplete validation of files in the boot verification process. An attacker could exploit this vulnerability by manipulating the system configuration options to bypass some of the integrity checks that are performed during the boot process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass the requirement to run Cisco-signed images or alter the security properties of the running system.\nNote: Because exploitation of this vulnerability could result in the attacker bypassing Cisco image verification, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.",
"id": "GHSA-hghx-c858-jm7q",
"modified": "2025-03-12T18:32:53Z",
"published": "2025-03-12T18:32:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20177"
},
{
"type": "WEB",
"url": "https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xr-verii-bypass-HhPwQRvx"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.