CWE-269 - Improper Privilege Management

Description

The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.The weakness is introduced during Architecture and Design, Implementation and Operation stages. This weakness is caused during implementation of an architectural security tactic.

Latest vulnerabilities for CWE-269

SolarWinds Security Event Manager (SEM) update for third-party components 2024-04-17
Medium Yes

Multiple vulnerabilities in Oracle Linux 2024-04-17
High Yes

Multiple vulnerabilities in IBM Sterling Order Management 2024-04-16
High Yes

Multiple vulnerabilities in Siemens RUGGEDCOM APE1808 2024-04-15
Medium No

Multiple vulnerabilities in IBM QRadar SIEM 2024-04-12
High Yes

Improper Privilege Management in Palo Alto PAN-OS and Prisma Access 2024-04-12
Low Yes

Multiple vulnerabilities in Microsoft Defender for IoT 2024-04-10
Low Yes

Multiple vulnerabilities in Microsoft Brokering File System 2024-04-10
Low Yes

Privilege escalation in Microsoft Windows Storage 2024-04-09
Low Yes

Privilege escalation in Zoom Desktop Client for macOS 2024-04-09
Low Yes

References

Description of CWE-269 on Mitre website