Incorrect Privilege Assignment

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

CVEs (881)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-47140 1Ibm 1Cics Transaction Gateway Nov 21, 2024 Jan 8, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 IBM CICS Transaction Gateway 9.3 could allow a user to transfer or view files due to improper access controls.
CVE-2023-29066 1Bd 1Facschorus Nov 21, 2024 Nov 28, 2023 N/A· v4 3.5 LOW· v3 N/A· v2 The FACSChorus software does not properly assign data access privileges for operating system user accounts. A non-administrative OS account can modify information stored in the local application data folders.
CVE-2023-6009 1Userproplugin 1Userpro Apr 8, 2026 Nov 22, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.4 due to insufficient restriction on the 'userpro_update_user_profile' function. This makes it possible for aut...Show more The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.4 due to insufficient restriction on the 'userpro_update_user_profile' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wp_capabilities' parameter during a profile update.Show less
CVE-2023-5913 1Microfocus 1Fortify Scancentral Dast Nov 21, 2024 Nov 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1,...Show more Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1. Show less
CVE-2023-5077 1Hashicorp 1Vault Nov 21, 2024 Sep 29, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 The Vault and Vault Enterprise ("Vault") Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. Fixed in Vault 1.13.0.
CVE-2023-3775 1Hashicorp 1Vault Nov 21, 2024 Sep 29, 2023 N/A· v4 4.9 MEDIUM· v3 N/A· v2 A Vault Enterprise Sentinel Role Governing Policy created by an operator to restrict access to resources in one namespace can be applied to requests outside in another non-descendant namespace, potentially resulting in d...Show more A Vault Enterprise Sentinel Role Governing Policy created by an operator to restrict access to resources in one namespace can be applied to requests outside in another non-descendant namespace, potentially resulting in denial of service. Fixed in Vault Enterprise 1.15.0, 1.14.4, 1.13.8.Show less
CVE-2023-4153 1Webmedia 1Ban Users Apr 8, 2026 Sep 13, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 The BAN Users plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.5.3 due to a missing capability check on the 'w3dev_save_ban_user_settings_callback' function. This makes it po...Show more The BAN Users plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.5.3 due to a missing capability check on the 'w3dev_save_ban_user_settings_callback' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify the plugin settings to access the ban and unban functionality and set the role of the unbanned user.Show less
CVE-2023-21269 1Google 1Android Nov 21, 2024 Aug 14, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. This could lead to local escalation of privilege with no additional execut...Show more In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Show less
CVE-2023-30691 1Samsung 1Android Nov 21, 2024 Aug 10, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation.
CVE-2023-30680 1Samsung 1Android Nov 21, 2024 Aug 10, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper privilege management vulnerability in MMIGroup prior to SMR Aug-2023 Release 1 allows code execution with privilege.
CVE-2023-3518 1Hashicorp 1Consul Nov 21, 2024 Aug 9, 2023 N/A· v4 7.3 HIGH· v3 N/A· v2 HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1.
CVE-2023-39173 1Jetbrains 1Teamcity Nov 21, 2024 Jul 25, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access
CVE-2023-3300 1Hashicorp 1Nomad Nov 21, 2024 Jul 20, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 HashiCorp Nomad and Nomad Enterprise 0.11.0 up to 1.5.6 and 1.4.1 HTTP search API can reveal names of available CSI plugins to unauthenticated users or users without the plugin:read policy. Fixed in 1.6.0, 1.5.7, and 1.4...Show more HashiCorp Nomad and Nomad Enterprise 0.11.0 up to 1.5.6 and 1.4.1 HTTP search API can reveal names of available CSI plugins to unauthenticated users or users without the plugin:read policy. Fixed in 1.6.0, 1.5.7, and 1.4.1.Show less
CVE-2023-3072 1Hashicorp 1Nomad Nov 21, 2024 Jul 20, 2023 N/A· v4 3.8 LOW· v3 N/A· v2 HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11.
CVE-2023-3114 1Hashicorp 1Terraform Enterprise Nov 21, 2024 Jun 22, 2023 N/A· v4 7.7 HIGH· v3 N/A· v2 Terraform Enterprise since v202207-1 did not properly implement authorization rules for agent pools, allowing the workspace to be targeted by unauthorized agents. This authorization flaw could potentially allow a workspa...Show more Terraform Enterprise since v202207-1 did not properly implement authorization rules for agent pools, allowing the workspace to be targeted by unauthorized agents. This authorization flaw could potentially allow a workspace to access resources from a separate, higher-privileged workspace in the same organization that targeted an agent pool. This vulnerability, CVE-2023-3114, is fixed in Terraform Enterprise v202306-1.Show less
CVE-2023-28956 1Ibm 1Spectrum Protect Backup Archive Client Nov 21, 2024 Jun 22, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to escalate their privileges due to improper access controls.
CVE-2023-2485 1Gitlab 1Gitlab Mar 20, 2025 Jun 7, 2023 N/A· v4 4.9 MEDIUM· v3 N/A· v2 An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A malicious maintaine...Show more An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A malicious maintainer in a project can escalate other users to Owners in that project if they import members from another project that those other users are Owners of.Show less
CVE-2023-2816 1Hashicorp 1Consul Nov 21, 2024 Jun 2, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of wheth...Show more Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the service(s) corresponding to those modified proxies.Show less
CVE-2023-1174 1Kubernetes 1Minikube Nov 21, 2024 May 24, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container.
CVE-2023-1874 1Wpdataaccess 1Wp Data Access Apr 8, 2026 Apr 12, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiple_roles_update function. This makes it po...Show more The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiple_roles_update function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wpda_role[]' parameter during a profile update. This requires the 'Enable role management' setting to be enabled for the site.Show less

Previous 1...394041...45 Next