Common Weakness Enumeration

CWE-270

Allowed

Privilege Context Switching Error

Abstraction: Base · Status: Draft

The product does not properly manage privileges while it is switching between different contexts that have different privileges or spheres of control.

45 vulnerabilities reference this CWE, most recent first.

GHSA-QXGX-HVG3-V92W

Vulnerability from github – Published: 2024-10-24 17:48 – Updated: 2024-10-24 21:45
VLAI
Summary
ai-admin-graphql has a Denial of service vulnerability in SaaS and marketplace setups
Details

All SaaS and marketplace setups using Aimeos version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "aimeos/ai-admin-graphql"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2024.04.1"
            },
            {
              "fixed": "2024.07.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-47173"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-270"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-10-24T17:48:40Z",
    "nvd_published_at": "2024-10-24T19:15:14Z",
    "severity": "MODERATE"
  },
  "details": "All SaaS and marketplace setups using Aimeos version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack",
  "id": "GHSA-qxgx-hvg3-v92w",
  "modified": "2024-10-24T21:45:39Z",
  "published": "2024-10-24T17:48:40Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/aimeos/ai-admin-graphql/security/advisories/GHSA-qxgx-hvg3-v92w"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47173"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/aimeos/ai-admin-graphql"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "ai-admin-graphql has a Denial of service vulnerability in SaaS and marketplace setups"
}

GHSA-RFP5-6W27-JRQ7

Vulnerability from github – Published: 2022-02-15 01:40 – Updated: 2022-02-15 01:40
VLAI
Summary
Incorrect Comparison, Permissive List of Allowed Inputs, and Privilege Context Switching Error in PostgreSQL
Details

A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-25696"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-183",
      "CWE-270",
      "CWE-697"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-23T22:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \\gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
  "id": "GHSA-rfp5-6w27-jrq7",
  "modified": "2022-02-15T01:40:50Z",
  "published": "2022-02-15T01:40:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25696"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894430"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00005.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202012-07"
    },
    {
      "type": "WEB",
      "url": "https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Incorrect Comparison, Permissive List of Allowed Inputs, and Privilege Context Switching Error in PostgreSQL"
}

GHSA-W5VR-C46G-2G2J

Vulnerability from github – Published: 2025-07-10 03:32 – Updated: 2025-07-10 03:32
VLAI
Details

A Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary.

This issue affects Command Centre Server:

9.30 prior to 9.30.1874 (MR1), 9.20 prior to 9.20.2337 (MR3), 9.10 prior to 9.10.3194 (MR6), 9.00 prior to 9.00.3371 (MR7), all versions of 8.90 and prior.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-46406"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-270"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-10T03:15:29Z",
    "severity": "MODERATE"
  },
  "details": "A Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary.\n\nThis issue affects Command Centre Server: \n\n9.30 prior to 9.30.1874\u00a0(MR1), 9.20 prior to 9.20.2337\u00a0(MR3), 9.10 prior to 9.10.3194\u00a0(MR6), 9.00 prior to 9.00.3371\u00a0(MR7), all versions of 8.90 and prior.",
  "id": "GHSA-w5vr-c46g-2g2j",
  "modified": "2025-07-10T03:32:13Z",
  "published": "2025-07-10T03:32:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46406"
    },
    {
      "type": "WEB",
      "url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-46406"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X654-52CQ-HXJ3

Vulnerability from github – Published: 2024-09-12 21:32 – Updated: 2024-09-12 21:32
VLAI
Details

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It may have been possible for an attacker with a victim's CI_JOB_TOKEN to obtain a GitLab session token belonging to the victim.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-8641"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-270"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-12T19:15:04Z",
    "severity": "MODERATE"
  },
  "details": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It may have been possible for an attacker with a victim\u0027s CI_JOB_TOKEN to obtain a GitLab session token belonging to the victim.",
  "id": "GHSA-x654-52cq-hxj3",
  "modified": "2024-09-12T21:32:02Z",
  "published": "2024-09-12T21:32:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8641"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/2595495"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/471954"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XJM6-JFMG-QC6P

Vulnerability from github – Published: 2024-05-29 14:38 – Updated: 2024-06-11 20:56
VLAI
Summary
Aimeos denial of service vulnerability in SaaS and marketplace setups
Details

Impact

All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack

Patches

Upgrade to the latest 2022.10 LTS, 2023.10 LTS and 2024.04.7 version of the aimeos/aimeos-core package

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "aimeos/aimeos-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2024.04.1"
            },
            {
              "fixed": "2024.04.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "aimeos/aimeos-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2023.04.1"
            },
            {
              "fixed": "2023.10.17"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "aimeos/aimeos-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2022.04.1"
            },
            {
              "fixed": "2022.10.17"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-37294"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-270"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-29T14:38:11Z",
    "nvd_published_at": "2024-06-11T15:16:09Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nAll SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack\n\n### Patches\nUpgrade to the latest 2022.10 LTS, 2023.10 LTS and 2024.04.7 version of the aimeos/aimeos-core package\n",
  "id": "GHSA-xjm6-jfmg-qc6p",
  "modified": "2024-06-11T20:56:12Z",
  "published": "2024-05-29T14:38:11Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/aimeos/aimeos-core/security/advisories/GHSA-xjm6-jfmg-qc6p"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37294"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aimeos/aimeos-core/commit/66edb06a53e51d90e075aad1932811c53c40af6f"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aimeos/aimeos-core/commit/69e2ea127c4e2fd2e756a80a16442bea0351a461"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aimeos/aimeos-core/commit/e933345915fc0cfafc6a011b853bc0228a61a45f"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/aimeos/aimeos-core"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aimeos/aimeos-core/compare/2022.10.16...2022.10.17"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aimeos/aimeos-core/compare/2023.10.16...2023.10.17"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aimeos/aimeos-core/compare/2024.04.6...2024.04.7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Aimeos denial of service vulnerability in SaaS and marketplace setups"
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

Mitigation MIT-49
Architecture and Design

Strategy: Separation of Privilege

Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.

CAPEC-17: Using Malicious Files

An attack of this type exploits a system's configuration that allows an adversary to either directly access an executable file, for example through shell access; or in a possible worst case allows an adversary to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.

CAPEC-30: Hijacking a Privileged Thread of Execution

An adversary hijacks a privileged thread of execution by injecting malicious code into a running process. By using a privleged thread to do their bidding, adversaries can evade process-based detection that would stop an attack that creates a new process. This can lead to an adversary gaining access to the process's memory and can also enable elevated privileges. The most common way to perform this attack is by suspending an existing thread and manipulating its memory.

CAPEC-35: Leverage Executable Code in Non-Executable Files

An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.