CWE-280
AllowedImproper Handling of Insufficient Permissions or Privileges
Abstraction: Base · Status: Draft
The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state.
256 vulnerabilities reference this CWE, most recent first.
GHSA-29J3-7MHP-WMWM
Vulnerability from github – Published: 2024-08-02 18:31 – Updated: 2024-08-02 18:31anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server.
{
"affected": [],
"aliases": [
"CVE-2024-7314"
],
"database_specific": {
"cwe_ids": [
"CWE-280",
"CWE-288"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-02T17:16:41Z",
"severity": "CRITICAL"
},
"details": "anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append \";swagger-ui\" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server.",
"id": "GHSA-29j3-7mhp-wmwm",
"modified": "2024-08-02T18:31:10Z",
"published": "2024-08-02T18:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7314"
},
{
"type": "WEB",
"url": "https://gitee.com/anji-plus/report/pulls/166/files"
},
{
"type": "WEB",
"url": "https://github.com/vulhub/vulhub/tree/master/aj-report/CNVD-2024-15077"
},
{
"type": "WEB",
"url": "https://github.com/yuebusao/AJ-REPORT-EXPLOIT"
},
{
"type": "WEB",
"url": "https://vulncheck.com/advisories/aj-report-swagger"
},
{
"type": "WEB",
"url": "https://xz.aliyun.com/t/14460"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2CQV-65V5-FPV5
Vulnerability from github – Published: 2024-10-02 21:30 – Updated: 2024-11-14 00:31An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain privileges via the system/config_menu.htm.
{
"affected": [],
"aliases": [
"CVE-2024-24116"
],
"database_specific": {
"cwe_ids": [
"CWE-280"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-02T19:15:15Z",
"severity": "CRITICAL"
},
"details": "An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain privileges via the system/config_menu.htm.",
"id": "GHSA-2cqv-65v5-fpv5",
"modified": "2024-11-14T00:31:10Z",
"published": "2024-10-02T21:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24116"
},
{
"type": "WEB",
"url": "https://gist.github.com/zty-1995/7a5e3ad0eb3b6c44db1a6eb4092893d3"
},
{
"type": "WEB",
"url": "https://github.com/zty-1995/RG-NBS2009G-P-switch/tree/main/Unauthorized%20Access%20Vulnerability"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2HF3-JPHF-R8CC
Vulnerability from github – Published: 2025-11-18 18:32 – Updated: 2025-11-24 15:30Insufficient permission validation in Checkmk 2.4.0 before version 2.4.0p16 allows low-privileged users to modify notification parameters via the REST API, which could lead to unauthorized actions or information disclosure.
{
"affected": [],
"aliases": [
"CVE-2025-58122"
],
"database_specific": {
"cwe_ids": [
"CWE-280"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-18T16:15:44Z",
"severity": "MODERATE"
},
"details": "Insufficient permission validation in Checkmk 2.4.0 before version 2.4.0p16 allows low-privileged users to modify notification parameters via the REST API, which could lead to unauthorized actions or information disclosure.",
"id": "GHSA-2hf3-jphf-r8cc",
"modified": "2025-11-24T15:30:27Z",
"published": "2025-11-18T18:32:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58122"
},
{
"type": "WEB",
"url": "https://checkmk.com/werk/18982"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-2HMJ-97JW-28JH
Vulnerability from github – Published: 2025-09-24 12:30 – Updated: 2025-11-05 20:46Improper permission checks in the AdminServer allow an authenticated client with insufficient privileges to invoke the snapshot and restore commands. The intended requirement is authentication and authorization on the root path (/) with ALL permission for these operations; however, affected versions permit invocation without that level of authorization. The primary risk is disclosure of cluster state via snapshots to a lesser-privileged client.
- Affected:
org.apache.zookeeper:zookeeper3.9.0 through 3.9.3. - Fixed: 3.9.4 (ZOOKEEPER-4964 “check permissions individually during admin server auth”).
- Mitigations:
- Disable both commands (
admin.snapshot.enabled,admin.restore.enabled). - Disable AdminServer (
admin.enableServer). - Ensure the root ACL is not open; note that ZooKeeper ACLs are not recursive.
- Upgrade to 3.9.4.
- Disable both commands (
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.zookeeper:zookeeper"
},
"ranges": [
{
"events": [
{
"introduced": "3.9.0"
},
{
"fixed": "3.9.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-58457"
],
"database_specific": {
"cwe_ids": [
"CWE-280"
],
"github_reviewed": true,
"github_reviewed_at": "2025-09-24T19:00:08Z",
"nvd_published_at": "2025-09-24T10:15:28Z",
"severity": "MODERATE"
},
"details": "Improper permission checks in the AdminServer allow an authenticated client with insufficient privileges to invoke the `snapshot` and `restore` commands. The intended requirement is authentication and authorization on the root path (`/`) with **ALL** permission for these operations; however, affected versions permit invocation without that level of authorization. The primary risk is disclosure of cluster state via snapshots to a lesser-privileged client.\n\n* **Affected:** `org.apache.zookeeper:zookeeper` 3.9.0 through 3.9.3.\n* **Fixed:** 3.9.4 (ZOOKEEPER-4964 \u201ccheck permissions individually during admin server auth\u201d).\n* **Mitigations:**\n * Disable both commands (`admin.snapshot.enabled`, `admin.restore.enabled`).\n * Disable AdminServer (`admin.enableServer`).\n * Ensure the root ACL is not open; note that ZooKeeper ACLs are not recursive.\n * Upgrade to 3.9.4.",
"id": "GHSA-2hmj-97jw-28jh",
"modified": "2025-11-05T20:46:28Z",
"published": "2025-09-24T12:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58457"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/zookeeper"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/r5yol0kkhx2fzw22pxk1ozwm3oc6yxrx"
},
{
"type": "WEB",
"url": "https://zookeeper.apache.org/doc/current/zookeeperSnapshotAndRestore.html"
},
{
"type": "WEB",
"url": "https://zookeeper.apache.org/doc/r3.9.4/releasenotes.html"
},
{
"type": "WEB",
"url": "https://zookeeper.apache.org/security.html#CVE-2025-58457"
},
{
"type": "WEB",
"url": "http://github.com/apache/zookeeper/commit/71e173fcbcc9deb784081cf867bd045df3c32635"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/09/24/10"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Apache ZooKeeper: Insufficient Permission Check in AdminServer Snapshot/Restore Commands"
}
GHSA-2M53-6P59-JFH3
Vulnerability from github – Published: 2024-11-30 03:32 – Updated: 2024-12-02 00:34Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page.
{
"affected": [],
"aliases": [
"CVE-2024-43702"
],
"database_specific": {
"cwe_ids": [
"CWE-280"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-30T03:15:13Z",
"severity": "HIGH"
},
"details": "Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page.",
"id": "GHSA-2m53-6p59-jfh3",
"modified": "2024-12-02T00:34:01Z",
"published": "2024-11-30T03:32:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43702"
},
{
"type": "WEB",
"url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2QWV-XP73-79CX
Vulnerability from github – Published: 2023-04-01 06:31 – Updated: 2023-04-10 18:30NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering.
{
"affected": [],
"aliases": [
"CVE-2023-0181"
],
"database_specific": {
"cwe_ids": [
"CWE-276",
"CWE-280"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-01T05:15:00Z",
"severity": "HIGH"
},
"details": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering.",
"id": "GHSA-2qwv-xp73-79cx",
"modified": "2023-04-10T18:30:22Z",
"published": "2023-04-01T06:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0181"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5452"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202310-02"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-33J3-G875-37RP
Vulnerability from github – Published: 2026-05-28 06:31 – Updated: 2026-07-01 21:22A flaw was found in Keycloak's Client Policies, specifically within the org.keycloak.protocol.oidc component. When certain condition providers (client-type, client-roles, client-attributes, client-scopes) are used to enforce security restrictions, the reject-ropc-grant executor is silently bypassed. This allows an unauthenticated remote attacker to obtain tokens via a Resource Owner Password Credentials (ROPC) grant, even when a policy is explicitly configured to block it. This bypass can lead to unauthorized access and information disclosure.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.keycloak:keycloak-services"
},
"ranges": [
{
"events": [
{
"introduced": "26.5.0"
},
{
"fixed": "26.6.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.keycloak:keycloak-services"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "26.4.7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-9792"
],
"database_specific": {
"cwe_ids": [
"CWE-280"
],
"github_reviewed": true,
"github_reviewed_at": "2026-07-01T21:22:38Z",
"nvd_published_at": "2026-05-28T05:16:40Z",
"severity": "MODERATE"
},
"details": "A flaw was found in Keycloak\u0027s Client Policies, specifically within the `org.keycloak.protocol.oidc` component. When certain condition providers (client-type, client-roles, client-attributes, client-scopes) are used to enforce security restrictions, the `reject-ropc-grant` executor is silently bypassed. This allows an unauthenticated remote attacker to obtain tokens via a Resource Owner Password Credentials (ROPC) grant, even when a policy is explicitly configured to block it. This bypass can lead to unauthorized access and information disclosure.",
"id": "GHSA-33j3-g875-37rp",
"modified": "2026-07-01T21:22:38Z",
"published": "2026-05-28T06:31:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9792"
},
{
"type": "WEB",
"url": "https://github.com/keycloak/keycloak/issues/49436"
},
{
"type": "WEB",
"url": "https://github.com/keycloak/keycloak/pull/49636"
},
{
"type": "WEB",
"url": "https://github.com/keycloak/keycloak/pull/49637"
},
{
"type": "WEB",
"url": "https://github.com/keycloak/keycloak/commit/13622ee0ffed91fd07ef444be2c858a7f356766d"
},
{
"type": "WEB",
"url": "https://github.com/keycloak/keycloak/commit/2af73c16a4e49333779bb34bce65461d9af036a4"
},
{
"type": "WEB",
"url": "https://github.com/keycloak/keycloak/commit/af5e3e8c60842bc1f3a78e6be414fe303f93163d"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:25097"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:25098"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:30049"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:30050"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-9792"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482459"
},
{
"type": "PACKAGE",
"url": "https://github.com/keycloak/keycloak"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Keycloak Vulnerable to Improper Handling of Insufficient Permissions or Privilege"
}
GHSA-3VGQ-3XJ4-J9VH
Vulnerability from github – Published: 2025-08-04 15:31 – Updated: 2025-08-05 15:30Software installed and run as a non-privileged user may conduct ptrace system calls to issue writes to GPU origin read only memory.
{
"affected": [],
"aliases": [
"CVE-2025-8109"
],
"database_specific": {
"cwe_ids": [
"CWE-280"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-04T14:15:33Z",
"severity": "HIGH"
},
"details": "Software installed and run as a non-privileged user may conduct ptrace system calls to issue writes to GPU origin read only memory.",
"id": "GHSA-3vgq-3xj4-j9vh",
"modified": "2025-08-05T15:30:39Z",
"published": "2025-08-04T15:31:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8109"
},
{
"type": "WEB",
"url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3WGF-CCPX-RV72
Vulnerability from github – Published: 2026-04-14 18:30 – Updated: 2026-04-14 18:30Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2026-27910"
],
"database_specific": {
"cwe_ids": [
"CWE-280"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-14T18:16:57Z",
"severity": "HIGH"
},
"details": "Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-3wgf-ccpx-rv72",
"modified": "2026-04-14T18:30:38Z",
"published": "2026-04-14T18:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27910"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27910"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3X7P-3VVQ-9QR7
Vulnerability from github – Published: 2025-07-08 18:31 – Updated: 2025-07-08 18:31Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.
{
"affected": [],
"aliases": [
"CVE-2025-49731"
],
"database_specific": {
"cwe_ids": [
"CWE-280"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-08T17:16:01Z",
"severity": "LOW"
},
"details": "Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.",
"id": "GHSA-3x7p-3vvq-9qr7",
"modified": "2025-07-08T18:31:51Z",
"published": "2025-07-08T18:31:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49731"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49731"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-46
Strategy: Separation of Privilege
- Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
- Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
Mitigation
Always check to see if you have successfully accessed a resource or system functionality, and use proper error handling if it is unsuccessful. Do this even when you are operating in a highly privileged mode, because errors or environmental conditions might still cause a failure. For example, environments with highly granular permissions/privilege models, such as Windows or Linux capabilities, can cause unexpected failures.
No CAPEC attack patterns related to this CWE.