
CWE-266 (Incorrect Privilege Assignment) — Vulnerability Class · 382 CVEs

382 vulnerabilities classified as CWE-266 (Incorrect Privilege Assignment). AI Chinese-language analysis included.

CWE-266 represents a critical access control weakness in which software assigns a privilege to an actor incorrectly, granting that actor an unintended sphere of control. The weakness typically arises from errors in role-based or discretionary access control logic that let users act beyond their authorized scope. Attackers exploit it by manipulating input parameters or session tokens to escalate privileges, bypassing security boundaries to reach sensitive data or administrative functions. To prevent such vulnerabilities, developers should implement robust, centralized authorization checks that verify permissions at every security-relevant point of execution rather than relying on client-side validation. Adhering to the principle of least privilege ensures that each actor receives only the minimum access its task requires. Rigorous code review and automated security testing further help identify incorrect privilege assignments before deployment, maintaining strict control over system resources.

MITRE CWE Description
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Common Consequences (1)
Scope: Access Control · Impact: Gain Privileges or Assume Identity
A user can access restricted functionality and/or sensitive information that may include administrative functionality and user accounts.
Mitigations (2)
Phase: Architecture and Design, Operation · Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Phase: Architecture and Design, Operation · Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database ad…
Examples (2)
The following example demonstrates the weakness.
#include <unistd.h>

/* Bad: the effective UID is raised to root for the whole block, so every
   operation in between runs with full privilege, and neither seteuid()
   return value is checked, so a failed drop goes unnoticed. */
void do_work_as_root(void)
{
    seteuid(0);
    /* do some stuff */
    seteuid(getuid());
}
Bad · C
The following example demonstrates the weakness.
import java.security.AccessController;
import java.security.PrivilegedAction;

// Bad: everything inside run() executes with the caller's full privileges;
// only the single operation that needs them belongs inside doPrivileged.
AccessController.doPrivileged(new PrivilegedAction() {
    public Object run() {
        // privileged code goes here, for example:
        System.loadLibrary("awt");
        return null; // nothing to return
    }
});
Bad · Java
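The description above and the two MITRE snippets both come down to the same point: the privilege an actor ends up with must be decided server-side at one authorization point, never taken from the actor's own input. The following is an added example, not code from the CWE entry or from any product listed on this page. It shows the registration-time pattern behind several of the WordPress entries below (a client-supplied role field honored at sign-up) beside a hardened form, plus a small audit that flags privileged accounts not on an approved list. The role names, user names, request dictionaries and helper names are all constructed for this example.

```python
# Added example (not from the CWE page or any listed product): CWE-266 at
# registration time, beside a hardened form with a single server-side
# authorization point. Role names, users and request dicts are constructed.
from dataclasses import dataclass

# Role names ordered lowest privilege first; constructed for this example.
ROLE_RANK = {"subscriber": 0, "editor": 1, "administrator": 2}
DEFAULT_ROLE = "subscriber"   # least privilege for self-registered users
ADMIN_ROLE = "administrator"


@dataclass
class User:
    name: str
    role: str


class PrivilegeError(Exception):
    """Raised when an actor attempts a role change it is not authorized for."""


def register_vulnerable(request: dict) -> User:
    """CWE-266 pattern: the role is read from the client-supplied form field,
    so a self-registering visitor who sends role=administrator is granted it."""
    role = request.get("role", DEFAULT_ROLE)
    return User(request["username"], role)


def register_hardened(request: dict) -> User:
    """Hardened form: the server decides the initial role. Any 'role' field in
    the request is ignored, so self-registration can only yield DEFAULT_ROLE."""
    return User(request["username"], DEFAULT_ROLE)


def change_role(actor: User, target: User, new_role: str) -> User:
    """The one server-side authorization point for privilege changes: the new
    role must be a known one, and only an administrator may assign roles."""
    if new_role not in ROLE_RANK:
        raise ValueError(f"unknown role {new_role!r}")
    if actor.role != ADMIN_ROLE:
        raise PrivilegeError(f"{actor.name} ({actor.role}) may not assign roles")
    target.role = new_role
    return target


def audit_privileged_accounts(users: list, approved: set) -> list:
    """Detection: names holding any role above DEFAULT_ROLE that are not on
    the approved list, i.e. candidates for an incorrect privilege grant."""
    baseline = ROLE_RANK[DEFAULT_ROLE]
    return sorted(
        u.name for u in users
        if ROLE_RANK.get(u.role, baseline) > baseline and u.name not in approved
    )


if __name__ == "__main__":
    # Constructed sign-up request carrying an unsolicited role field.
    signup = {"username": "mallory", "role": "administrator"}
    print("vulnerable:", register_vulnerable(signup))
    print("hardened:  ", register_hardened(signup))
    alice = User("alice", ADMIN_ROLE)
    bob = change_role(alice, register_hardened({"username": "bob"}), "editor")
    print("audit:", audit_privileged_accounts([alice, bob], {"alice"}))
```

The design choice worth noting is that `register_hardened` does not validate the client's role value and reject bad ones; it never reads it at all, so there is no allowlist to get wrong. Privilege then changes only through `change_role`, which is the single place a reviewer has to check, and `audit_privileged_accounts` gives operations a cheap after-the-fact control for the same weakness.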
CVE ID · Title · CVSS · Severity · Published
CVE-2024-47904 · Siemens InterMesh 7177 and Siemens InterMesh 7707 security vulnerability — InterMesh 7177 Hybrid 2.0 Subscriber · 7.8 · High · 2024-10-23
CVE-2024-49608 · WordPress GERRYWORKS Post by Mail plugin <= 1.0 - Privilege Escalation vulnerability — GERRYWORKS Post by Mail · 8.8 · High · 2024-10-20
CVE-2024-49217 · WordPress Adding drop down roles in registration plugin <= 1.1 - Privilege Escalation vulnerability — Adding drop down roles in registration · 9.8 · Critical · 2024-10-17
CVE-2024-49219 · WordPress RS-Members plugin <= 1.0.3 - Privilege Escalation vulnerability — RS-Members · 8.8 · High · 2024-10-17
CVE-2024-49322 · WordPress Job Board Manager for WordPress plugin <= 1.0 - Privilege Escalation vulnerability — Job Board Manager for WordPress · 9.8 · Critical · 2024-10-17
CVE-2024-9863 · Miniorange OTP Verification with Firebase <= 3.6.0 - Privilege Escalation via Registration due to Administrator Default User Role Value — Miniorange OTP Verification with Firebase · 9.8 · Critical · 2024-10-17
CVE-2024-9180 · Vault Operators in Root Namespace May Elevate Their Privileges — Vault · 7.2 · High · 2024-10-10
CVE-2024-9519 · UserPlus <= 2.0 - Authenticated (Editor+) Registration Form Update to Privilege Escalation — User registration & user profile – UserPlus · 7.2 · High · 2024-10-10
CVE-2024-47653 · Missing Authorization Vulnerability — Client Dashboard · 7.1 · - · 2024-10-04
CVE-2024-25632 · Unauthorised granting of administrator privileges over arbitrary teams under certain circumstances — elabftw · 8.6 · High · 2024-10-01
CVE-2024-22303 · WordPress Houzez theme <= 3.2.4 - Privilege Escalation vulnerability — Houzez · 8.8 · High · 2024-09-17
CVE-2024-21743 · WordPress Houzez Login Register plugin <= 3.2.5 - Privilege Escalation vulnerability — Houzez Login Register · 8.8 · High · 2024-09-17
CVE-2024-8253 · Post Grid and Gutenberg Blocks 2.2.87 - 2.2.90 - Authenticated (Subscriber+) Privilege Escalation — Post Grid and Gutenberg Blocks · 8.8 · High · 2024-09-11
CVE-2024-40681 · IBM MQ security bypass — MQ · 7.5 · High · 2024-09-07
CVE-2024-39579 · Dell PowerScale OneFS security vulnerability — PowerScale OneFS · 6.7 · Medium · 2024-08-31
CVE-2024-4555 · User impersonation with MFA when configure in specific way — NetIQ Access Manager · 7.7 · High · 2024-08-28
CVE-2024-39576 · Dell Power Manager security vulnerability — Dell Power Manager (DPM) · 8.8 · High · 2024-08-22
CVE-2024-20466 · Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability — Cisco Identity Services Engine Software · 6.5 · Medium · 2024-08-21
CVE-2024-28000 · WordPress LiteSpeed Cache plugin <= 6.3.0.1 - Unauthenticated Privilege Escalation vulnerability — LiteSpeed Cache · 9.8 · Critical · 2024-08-21
CVE-2024-6322 · Grafana security vulnerability — Grafana · 4.4 · Medium · 2024-08-20
CVE-2024-25633 · In eLabFTW, if administrators can create users, users can too — elabftw · 5.4 · Medium · 2024-08-15
CVE-2024-42441 · Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS - Incorrect Privilege Assignment — Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS · 6.2 · Medium · 2024-08-14
CVE-2024-43153 · WordPress Woffice theme <= 5.4.10 - Unauthenticated Privilege Escalation vulnerability — Woffice · 9.8 · Critical · 2024-08-13
CVE-2024-6758 · Improper Privilege Management vulnerability in Sprecher Automation SPRECON-E — SPRECON-E · 6.5 · Medium · 2024-08-12
CVE-2024-7480 · Improper access control in Avaya Aura System Manager — Aura System Manager · 4.2 · Medium · 2024-08-08
CVE-2024-23794 · Agents are able to lock the ticket without the "Owner" permission — OTRS · 5.2 · Medium · 2024-07-15
CVE-2024-37927 · WordPress Jobmonster theme <= 4.7.5 - Unauthenticated Privilege Escalation vulnerability — Jobmonster · 9.8 · Critical · 2024-07-12
CVE-2024-38278 · Siemens RUGGEDCOM security vulnerability — RUGGEDCOM RMC8388 V5.X · 6.6 · Medium · 2024-07-09
CVE-2024-37134 · Dell PowerScale OneFS security vulnerability — PowerScale OneFS · 6.7 · Medium · 2024-07-02
CVE-2024-37132 · Dell PowerScale OneFS security vulnerability — PowerScale OneFS · 6.7 · Medium · 2024-07-02

Vulnerabilities classified as CWE-266 (Incorrect Privilege Assignment) account for 382 CVEs. The CWE taxonomy describes the weakness; review the individual CVEs for product-specific impact.