
CWE-266 (Incorrect Privilege Assignment) — Vulnerability Class 382

382 vulnerabilities classified as CWE-266 (Incorrect Privilege Assignment). AI Chinese analysis included.

CWE-266 is a critical access control weakness in which software assigns privileges to an actor incorrectly, granting it an unintended sphere of control. The flaw typically arises from faulty logic in role-based or discretionary access control mechanisms, allowing users to perform actions beyond their authorized scope. Attackers exploit it by manipulating input parameters or session tokens to escalate privileges, bypassing security boundaries to reach sensitive data or execute administrative functions. To prevent such vulnerabilities, developers must implement robust, centralized authorization checks that verify permissions at every critical point of execution rather than relying on client-side validation. Adhering to the principle of least privilege ensures that actors receive only the minimum access necessary for their specific tasks. Rigorous code review and automated security testing further help identify incorrect privilege assignments before deployment, maintaining strict control over system resources.

MITRE CWE Description
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Common Consequences (1)
Access Control: Gain Privileges or Assume Identity
A user can access restricted functionality and/or sensitive information that may include administrative functionality and user accounts.
Mitigations (2)
Architecture and Design, Operation: Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Architecture and Design, Operation: Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database ad…
Examples (2)
The following example demonstrates the weakness: a setuid program raises its effective uid to root for a block of work and then drops back, so everything between the two calls runs with root privilege, and the saved uid 0 remains available afterwards.
#include <unistd.h>
seteuid(0);          /* raise effective uid to root (setuid program; real uid is the invoking user) */
/* do some stuff */  /* all of this runs with root privilege */
seteuid(getuid());   /* drop back to the real user's uid; saved uid is still 0 */
Bad · C
The following example demonstrates the weakness: the whole body of run() executes with the caller's privileges under the Java security manager, so any code placed in the block is privileged.
import java.security.AccessController;
import java.security.PrivilegedAction;

AccessController.doPrivileged(new PrivilegedAction() {
    public Object run() {
        // privileged code goes here, for example:
        System.loadLibrary("awt");
        return null; // nothing to return
    }
});
Bad · Java
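As an added example (not from the MITRE entry or any product listed on this page) of the least-privilege mitigation above: a permanent, verified privilege drop in C, in contrast to the temporary seteuid() pattern in the C example, which leaves a saved uid 0 to return to. `drop_privileges` is a hypothetical helper; the demo drops to the caller's own ids so it runs unprivileged.

```c
#define _DEFAULT_SOURCE /* for setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently drop privileges to uid/gid and verify the drop took effect.
 * Returns 0 on success, -1 on failure; on failure the caller must abort,
 * because continuing would run with more privilege than intended. */
int drop_privileges(uid_t uid, gid_t gid) {
    /* Supplementary groups survive a uid change; only root may clear them. */
    if (geteuid() == 0 && setgroups(0, NULL) != 0) {
        perror("setgroups");
        return -1;
    }
    /* Group before user: once the euid is unprivileged, setgid() would fail. */
    if (setgid(gid) != 0) {
        perror("setgid");
        return -1;
    }
    /* setuid() from root sets real, effective and saved uid together,
     * so no saved uid 0 is left to regain with seteuid(0). */
    if (setuid(uid) != 0) {
        perror("setuid");
        return -1;
    }
    /* Verify rather than trust: the ids must actually have changed ... */
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid) {
        fprintf(stderr, "privilege drop incomplete\n");
        return -1;
    }
    /* ... and, when dropping to a non-root uid, root must be unreachable now. */
    if (uid != 0 && seteuid(0) == 0) {
        fprintf(stderr, "privilege drop ineffective: regained euid 0\n");
        return -1;
    }
    return 0;
}

int main(void) {
    /* Constructed demo: dropping to the caller's own real ids always succeeds,
     * so this runs unprivileged; a setuid program would pass the ids of an
     * isolated, limited service account here instead. */
    if (drop_privileges(getuid(), getgid()) != 0)
        return 1;
    printf("running as uid=%u gid=%u\n", (unsigned)geteuid(), (unsigned)getegid());
    return 0;
}
```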
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2020-6652 | Incorrect privilege assignment allowing non-admin users to upload config files | Intelligent Power manager (IPM) | 7.8 | High | 2020-05-07
CVE-2020-1989 | Global Protect Agent: Incorrect privilege assignment allows local privilege escalation | Global Protect Agent | 7.0 | High | 2020-04-08
CVE-2019-19348 | Red Hat OpenShift Container Platform openshift/apb-base security vulnerability | openshift/apb-base | 7.0 | High | 2020-04-02
CVE-2019-19346 | Red Hat OpenShift Container Platform openshift/mariadb-apb security vulnerability | openshift/mariadb-apb | 7.0 | High | 2020-04-02
CVE-2020-7009 | Elasticsearch security vulnerability | Elasticsearch | 8.8 | - | 2020-03-31
CVE-2019-19345 | OpenShift Enterprise security vulnerability | openshift/mediawiki-apb | 7.0 | High | 2020-03-20
CVE-2020-1705 | Red Hat OpenShift security vulnerability | openshift/template-service-broker-operator | 7.0 | High | 2020-03-19
CVE-2019-19355 | Red Hat openshift-enterprise-ansible-operator-container security vulnerability | openshift | 7.0 | High | 2020-03-18
CVE-2019-19351 | Red Hat jenkins-slave-base-rhel7-container security vulnerability | openshift | 7.0 | High | 2020-03-18
CVE-2020-1704 | Red Hat OpenShift Container Platform openshift/istio-kiali-rhel7-operator-container security vulnerability | openshift-service-mesh/kiali-rhel7-operator | 7.0 | High | 2020-02-17
CVE-2020-1708 | OpenShift Enterprise security vulnerability | openshift/mysql-apb | 7.0 | High | 2020-02-07
CVE-2019-10940 | Siemens SINEMA Server security vulnerability | SINEMA Server | 9.9 | - | 2020-01-16
CVE-2019-14819 | Red Hat OpenShift Container Platform security vulnerability | openshift-ansible | 8.8 | - | 2020-01-07
CVE-2019-11893 | Incorrect privilege assignment in the app permission update API of the Bosch Smart Home Controller (SHC) | Smart Home Controller | 8.0 | - | 2019-05-29
CVE-2019-11891 | Incorrect privilege assignment in the app pairing mechanism of the Bosch Smart Home Controller (SHC) | Smart Home Controller | 8.0 | - | 2019-05-29
CVE-2019-10143 | FreeRADIUS race condition vulnerability | freeradius | 7.8 | - | 2019-05-24
CVE-2019-3843 | systemd permission and access control vulnerability | systemd | 7.8 | - | 2019-04-26
CVE-2016-7066 | Red Hat JBoss Enterprise Application Platform security vulnerability | JBoss Enterprise Application Platform | 7.8 | - | 2018-09-11
CVE-2016-7070 | Ansible Tower permission and access control vulnerability | Ansible Tower | 8.0 | - | 2018-09-11
CVE-2018-1101 | Ansible Tower security vulnerability | Ansible Tower | 7.2 | - | 2018-05-02
CVE-2018-1088 | gluster link following vulnerability | glusterfs | 7.5 | - | 2018-04-18
CVE-2017-12711 | Advantech WebAccess security vulnerability | Advantech WebAccess | 7.8 | - | 2017-08-30

Vulnerabilities classified as CWE-266 (Incorrect Privilege Assignment) represent 382 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.