CVEbaza.plSłownik CWECWE-271
Common Weakness Enumeration

CWE-271

Privilege Dropping / Lowering Errors

Kategoria: ClassCVE: 12
Opis

Produkt nie porzuca uprawnień przed przekazaniem kontroli nad zasobem aktorowi, który nie posiada tych uprawnień. Może to prowadzić do nieautoryzowanego dostępu do wrażliwych zasobów.

Description (EN)

The product does not drop privileges before passing control of a resource to an actor that does not have those privileges.

Podatności CVE z CWE-271 (12)
9.4
CVSS
CRITICAL
CVE-2026-44477

Podatność w platformie CloudNativePG umożliwia atakującemu z ograniczonym dostępem odzyskanie pełnych uprawnień superużytkownika PostgreSQL, a następnie wykonanie dowolnych poleceń systemowych wewnątrz poda Kubernetes. Ze względu na krytyczny wynik CVSS 9.4 i możliwość przejęcia kontroli nad procesem bazodanowym stanowi poważne zagrożenie dla środowisk produkcyjnych.

pub. 2026-05-28
8.1
CVSS
HIGH
CVE-2019-11243

In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of the provided config, with credentials removed (bearer token, username/password, and client certificate/key data). In the affected versions, rest.AnonymousClientConfig() did not effectively clear service account credentials loaded using rest.InClusterConfig()

pub. 2019-04-22
8.0
CVSS
HIGH
CVE-2024-0985

Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker's roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected.

pub. 2024-02-08
8.0
CVSS
HIGH
CVE-2023-22648

A Improper Privilege Management vulnerability in SUSE Rancher causes permission changes in Azure AD not to be reflected to users while they are logged in the Rancher UI. This would cause the users to retain their previous permissions in Rancher, even if they change groups on Azure AD, for example, to a lower privileged group, or are removed from a group, thus retaining their access to Rancher instead of losing it. This issue affects Rancher: from >= 2.6.7 before < 2.6.13, from >= 2.7.0 before < 2.7.4.

pub. 2023-06-01
7.9
CVSS
HIGH
CVE-2025-53819

Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available.

pub. 2025-07-14
7.8
CVSS
HIGH
CVE-2022-3569

Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior, where the 'zimbra' user can effectively coerce postfix into running arbitrary commands as 'root'.

pub. 2022-10-17
7.4
CVSS
HIGH
CVE-2026-35535

In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.

pub. 2026-04-03
7.3
CVSS
HIGH
CVE-2025-23395

Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with `root` ownership, the invoking user's (real) group ownership and file mode 0644. All data written to the Screen PTY will be logged into this file, allowing to escalate to root privileges

pub. 2025-05-26
6.8
CVSS
MEDIUM
CVE-2024-35179

Stalwart Mail Server is an open-source mail server. Prior to version 0.8.0, when using `RUN_AS_USER`, the specified user (and therefore, web interface admins) can read arbitrary files as root. This issue affects admins who have set up to run stalwart with `RUN_AS_USER` who handed out admin credentials to the mail server but expect these to only grant access according to the `RUN_AS_USER` and are attacked where the attackers managed to achieve Arbitrary Code Execution using another vulnerability. Version 0.8.0 contains a patch for the issue.

pub. 2024-05-15
6.1
CVSS
MEDIUM
CVE-2023-38496

Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges, the attack surface is rather limited for users but an attacker could possibly craft a starter config to delete any directory on the host filesystems. A security fix has been included in Apptainer 1.2.1. There is no known workaround outside of upgrading to Apptainer 1.2.1.

pub. 2023-07-25
5.8
CVSS
MEDIUM
CVE-2026-25704

A Privilege Dropping / Lowering Errors/Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in  cosmic-greeter can allow an attacker to regain privileges that should have been dropped and abuse them in the racy checking logic. This issue affects cosmic-greeter before https://github.Com/pop-os/cosmic-greeter/pull/426.

pub. 2026-03-30
4.9
CVSS
MEDIUM
CVE-2020-35513

A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. A user with access to the NFS could use this flaw to starve the resources causing denial of service.

pub. 2021-01-26
Informacje
ID: CWE-271
Typ: Class
Podatności: 12
MITRE CWE ↗
← Słownik CWE
CWE-271 — Błędy Porzucania / Obniżania Uprawnień | Słownik CWE | CVEbaza.pl