Microsoft Windows Server 2016

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21928 6.4 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963.

Code Injection

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21958 6.8 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963.

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21959 6.8 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963.

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21960 6.8 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963.

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21961 6.8 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21962, CVE-2022-21963.

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21962 6.8 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21963.

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21963 6.8 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962.

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2022-21916 7.8 - High - January 11, 2022

Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21897.

Improper Privilege Management

Windows User Profile Service Elevation of Privilege Vulnerability

CVE-2022-21919 7 - High - January 11, 2022

Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21895.

Improper Privilege Management

Windows Kerberos Elevation of Privilege Vulnerability.

CVE-2022-21920 8.8 - High - January 11, 2022

Windows Kerberos Elevation of Privilege Vulnerability.

Improper Privilege Management

Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass.

CVE-2022-21913 7.5 - High - January 11, 2022

Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass.

AuthZ

Windows GDI+ Information Disclosure Vulnerability

CVE-2022-21915 6.5 - Medium - January 11, 2022

Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21880.

Exposure of Resource to Wrong Sphere

Windows IKE Extension Denial of Service Vulnerability

CVE-2022-21889 7.5 - High - January 11, 2022

Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21883, CVE-2022-21890.

Windows IKE Extension Denial of Service Vulnerability

CVE-2022-21890 7.5 - High - January 11, 2022

Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21883, CVE-2022-21889.

Windows Hyper-V Security Feature Bypass Vulnerability

CVE-2022-21900 4.6 - Medium - January 11, 2022

Windows Hyper-V Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-21905.

Windows Hyper-V Elevation of Privilege Vulnerability.

CVE-2022-21901 8 - High - January 11, 2022

Windows Hyper-V Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows DWM Core Library Elevation of Privilege Vulnerability

CVE-2022-21902 7.8 - High - January 11, 2022

Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21852, CVE-2022-21896.

Improper Privilege Management

Windows GDI Elevation of Privilege Vulnerability.

CVE-2022-21903 7.8 - High - January 11, 2022

Windows GDI Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows GDI Information Disclosure Vulnerability.

CVE-2022-21904 7.5 - High - January 11, 2022

Windows GDI Information Disclosure Vulnerability.

Exposure of Resource to Wrong Sphere

Windows Hyper-V Security Feature Bypass Vulnerability

CVE-2022-21905 8 - High - January 11, 2022

Windows Hyper-V Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-21900.

Windows Installer Elevation of Privilege Vulnerability.

CVE-2022-21908 7.8 - High - January 11, 2022

Windows Installer Elevation of Privilege Vulnerability.

Improper Privilege Management

Microsoft Cluster Port Driver Elevation of Privilege Vulnerability.

CVE-2022-21910 7.8 - High - January 11, 2022

Microsoft Cluster Port Driver Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVE-2022-21914 7.8 - High - January 11, 2022

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21885.

Improper Privilege Management

Windows IKE Extension Denial of Service Vulnerability

CVE-2022-21883 7.5 - High - January 11, 2022

Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21889, CVE-2022-21890.

Local Security Authority Subsystem Service Elevation of Privilege Vulnerability.

CVE-2022-21884 7.8 - High - January 11, 2022

Local Security Authority Subsystem Service Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVE-2022-21885 7.8 - High - January 11, 2022

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21914.

Improper Privilege Management

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2022-21897 7.8 - High - January 11, 2022

Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21916.

Improper Privilege Management

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21892 6.8 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963.

Remote Desktop Protocol Remote Code Execution Vulnerability.

CVE-2022-21893 8.8 - High - January 11, 2022

Remote Desktop Protocol Remote Code Execution Vulnerability.

Secure Boot Security Feature Bypass Vulnerability.

CVE-2022-21894 4.4 - Medium - January 11, 2022

Secure Boot Security Feature Bypass Vulnerability.

Windows User Profile Service Elevation of Privilege Vulnerability

CVE-2022-21895 7.8 - High - January 11, 2022

Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21919.

Improper Privilege Management

Windows AppContracts API Server Elevation of Privilege Vulnerability.

CVE-2022-21860 7 - High - January 11, 2022

Windows AppContracts API Server Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows UI Immersive Server API Elevation of Privilege Vulnerability.

CVE-2022-21864 7 - High - January 11, 2022

Windows UI Immersive Server API Elevation of Privilege Vulnerability.

Improper Privilege Management

Connected Devices Platform Service Elevation of Privilege Vulnerability.

CVE-2022-21865 7 - High - January 11, 2022

Connected Devices Platform Service Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows System Launcher Elevation of Privilege Vulnerability.

CVE-2022-21866 7 - High - January 11, 2022

Windows System Launcher Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Security Center API Remote Code Execution Vulnerability.

CVE-2022-21874 9.8 - Critical - January 11, 2022

Windows Security Center API Remote Code Execution Vulnerability.

Code Injection

Windows Geolocation Service Remote Code Execution Vulnerability.

CVE-2022-21878 7.8 - High - January 11, 2022

Windows Geolocation Service Remote Code Execution Vulnerability.

Code Injection

Windows Kernel Elevation of Privilege Vulnerability

CVE-2022-21879 7.8 - High - January 11, 2022

Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21881.

Improper Privilege Management

Windows Kernel Elevation of Privilege Vulnerability

CVE-2022-21881 7.8 - High - January 11, 2022

Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21879.

Improper Privilege Management

Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability.

CVE-2022-21870 7.8 - High - January 11, 2022

Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability.

Improper Privilege Management

Tile Data Repository Elevation of Privilege Vulnerability.

CVE-2022-21873 7.8 - High - January 11, 2022

Tile Data Repository Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Storage Elevation of Privilege Vulnerability.

CVE-2022-21875 7.8 - High - January 11, 2022

Windows Storage Elevation of Privilege Vulnerability.

Improper Privilege Management

Win32k Information Disclosure Vulnerability.

CVE-2022-21876 5.5 - Medium - January 11, 2022

Win32k Information Disclosure Vulnerability.

Out-of-bounds Read

Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability.

CVE-2022-21871 7.8 - High - January 11, 2022

Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows GDI+ Information Disclosure Vulnerability

CVE-2022-21880 7.5 - High - January 11, 2022

Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21915.

Exposure of Resource to Wrong Sphere

Windows IKE Extension Denial of Service Vulnerability

CVE-2022-21848 7.5 - High - January 11, 2022

Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21883, CVE-2022-21889, CVE-2022-21890.

Resource Exhaustion

Windows Application Model Core API Elevation of Privilege Vulnerability.

CVE-2022-21862 7 - High - January 11, 2022

Windows Application Model Core API Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows StateRepository API Server file Elevation of Privilege Vulnerability.

CVE-2022-21863 7 - High - January 11, 2022

Windows StateRepository API Server file Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Push Notifications Apps Elevation Of Privilege Vulnerability.

CVE-2022-21867 7 - High - January 11, 2022

Windows Push Notifications Apps Elevation Of Privilege Vulnerability.

Improper Privilege Management

Windows Devices Human Interface Elevation of Privilege Vulnerability.

CVE-2022-21868 7 - High - January 11, 2022

Windows Devices Human Interface Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows IKE Extension Denial of Service Vulnerability

CVE-2022-21843 7.5 - High - January 11, 2022

Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21848, CVE-2022-21883, CVE-2022-21889, CVE-2022-21890.

Resource Exhaustion

Windows IKE Extension Remote Code Execution Vulnerability.

CVE-2022-21849 9.8 - Critical - January 11, 2022

Windows IKE Extension Remote Code Execution Vulnerability.

Remote Desktop Client Remote Code Execution Vulnerability

CVE-2022-21850 8.8 - High - January 11, 2022

Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21851.

Remote Desktop Client Remote Code Execution Vulnerability

CVE-2022-21851 8.8 - High - January 11, 2022

Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21850.

Active Directory Domain Services Elevation of Privilege Vulnerability.

CVE-2022-21857 8.8 - High - January 11, 2022

Active Directory Domain Services Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Accounts Control Elevation of Privilege Vulnerability.

CVE-2022-21859 7 - High - January 11, 2022

Windows Accounts Control Elevation of Privilege Vulnerability.

Improper Privilege Management

Virtual Machine IDE Drive Elevation of Privilege Vulnerability.

CVE-2022-21833 7.8 - High - January 11, 2022

Virtual Machine IDE Drive Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability.

CVE-2022-21834 7.8 - High - January 11, 2022

Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability.

Improper Privilege Management

Microsoft Cryptographic Services Elevation of Privilege Vulnerability.

CVE-2022-21835 7.8 - High - January 11, 2022

Microsoft Cryptographic Services Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Certificate Spoofing Vulnerability.

CVE-2022-21836 7.8 - High - January 11, 2022

Windows Certificate Spoofing Vulnerability.

Improper Certificate Validation

Windows Cleanup Manager Elevation of Privilege Vulnerability.

CVE-2022-21838 7.8 - High - January 11, 2022

Windows Cleanup Manager Elevation of Privilege Vulnerability.

insecure temporary file

Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability

CVE-2021-43893 7.5 - High - December 15, 2021

Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Digital Media Receiver Elevation of Privilege Vulnerability

CVE-2021-43248 7.8 - High - December 15, 2021

Windows Digital Media Receiver Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Installer Elevation of Privilege Vulnerability

CVE-2021-43883 7.8 - High - December 15, 2021

Windows Installer Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Fax Service Remote Code Execution Vulnerability

CVE-2021-43234 7.8 - High - December 15, 2021

Windows Fax Service Remote Code Execution Vulnerability

Microsoft Message Queuing Information Disclosure Vulnerability

CVE-2021-43236 7.5 - High - December 15, 2021

Microsoft Message Queuing Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-43222.

Windows Remote Access Elevation of Privilege Vulnerability

CVE-2021-43238 7.8 - High - December 15, 2021

Windows Remote Access Elevation of Privilege Vulnerability

Improper Privilege Management

Storage Spaces Controller Information Disclosure Vulnerability

CVE-2021-43227 5.5 - Medium - December 15, 2021

Storage Spaces Controller Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-43235.

Exposure of Resource to Wrong Sphere

Storage Spaces Controller Information Disclosure Vulnerability

CVE-2021-43235 5.5 - Medium - December 15, 2021

Storage Spaces Controller Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-43227.

Exposure of Resource to Wrong Sphere

Windows Common Log File System Driver Information Disclosure Vulnerability

CVE-2021-43224 5.5 - Medium - December 15, 2021

Windows Common Log File System Driver Information Disclosure Vulnerability

Exposure of Resource to Wrong Sphere

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-43226 7.8 - High - December 15, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-43207.

Improper Privilege Management

Windows NTFS Elevation of Privilege Vulnerability

CVE-2021-43231 7.8 - High - December 15, 2021

Windows NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-43229, CVE-2021-43230.

Improper Privilege Management

Windows Event Tracing Remote Code Execution Vulnerability

CVE-2021-43232 7.8 - High - December 15, 2021

Windows Event Tracing Remote Code Execution Vulnerability

Code Injection

Remote Desktop Client Remote Code Execution Vulnerability

CVE-2021-43233 7.5 - High - December 15, 2021

Remote Desktop Client Remote Code Execution Vulnerability

Code Injection

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability

CVE-2021-43217 9.8 - Critical - December 15, 2021

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability

Code Injection

Microsoft Message Queuing Information Disclosure Vulnerability

CVE-2021-43222 7.5 - High - December 15, 2021

Microsoft Message Queuing Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-43236.

Exposure of Resource to Wrong Sphere

Windows NTFS Elevation of Privilege Vulnerability

CVE-2021-43229 7.8 - High - December 15, 2021

Windows NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-43230, CVE-2021-43231.

Improper Privilege Management

Windows NTFS Elevation of Privilege Vulnerability

CVE-2021-43230 7.8 - High - December 15, 2021

Windows NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-43229, CVE-2021-43231.

Improper Privilege Management

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-43207 7.8 - High - December 15, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-43226.

Improper Privilege Management

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVE-2021-43223 7.8 - High - December 15, 2021

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

Improper Privilege Management

Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability

CVE-2021-43216 6.5 - Medium - December 15, 2021

Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability

Exposure of Resource to Wrong Sphere

iSNS Server Memory Corruption Vulnerability

CVE-2021-43215 9.8 - Critical - December 15, 2021

iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution

Code Injection

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-41333 7.8 - High - December 15, 2021

Windows Print Spooler Elevation of Privilege Vulnerability

Improper Privilege Management

Active Directory Domain Services Elevation of Privilege Vulnerability

CVE-2021-42291 8.8 - High - November 10, 2021

Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42287.

Improper Privilege Management

Windows Denial of Service Vulnerability

CVE-2021-41356 7.5 - High - November 10, 2021

Windows Denial of Service Vulnerability

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

CVE-2021-41371 4.4 - Medium - November 10, 2021

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38631.

Windows Feedback Hub Elevation of Privilege Vulnerability

CVE-2021-42280 7.8 - High - November 10, 2021

Windows Feedback Hub Elevation of Privilege Vulnerability

Improper Privilege Management

Chakra Scripting Engine Memory Corruption Vulnerability

CVE-2021-42279 7.5 - High - November 10, 2021

Chakra Scripting Engine Memory Corruption Vulnerability

Memory Corruption

NTFS Elevation of Privilege Vulnerability

CVE-2021-41370 7.8 - High - November 10, 2021

NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-41367, CVE-2021-42283.

Improper Privilege Management

NTFS Elevation of Privilege Vulnerability

CVE-2021-41367 7.8 - High - November 10, 2021

NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-41370, CVE-2021-42283.

Improper Privilege Management

Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability

CVE-2021-41366 7.8 - High - November 10, 2021

Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability

Improper Privilege Management

Active Directory Domain Services Elevation of Privilege Vulnerability

CVE-2021-42278 8.8 - High - November 10, 2021

Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42282, CVE-2021-42287, CVE-2021-42291.

Improper Privilege Management

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

CVE-2021-42277 7.8 - High - November 10, 2021

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

Improper Privilege Management

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

CVE-2021-42276 7.8 - High - November 10, 2021

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Microsoft COM for Windows Remote Code Execution Vulnerability

CVE-2021-42275 8.8 - High - November 10, 2021

Microsoft COM for Windows Remote Code Execution Vulnerability

Active Directory Domain Services Elevation of Privilege Vulnerability

CVE-2021-42282 8.8 - High - November 10, 2021

Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42287, CVE-2021-42291.

Improper Privilege Management

Windows Kernel Elevation of Privilege Vulnerability

CVE-2021-42285 7.8 - High - November 10, 2021

Windows Kernel Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Hyper-V Denial of Service Vulnerability

CVE-2021-42284 7.5 - High - November 10, 2021

Windows Hyper-V Denial of Service Vulnerability

Resource Exhaustion

NTFS Elevation of Privilege Vulnerability

CVE-2021-42283 7.8 - High - November 10, 2021

NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-41367, CVE-2021-41370.

Improper Privilege Management

Windows Installer Elevation of Privilege Vulnerability

CVE-2021-41379 7.8 - High - November 10, 2021

Windows Installer Elevation of Privilege Vulnerability

Improper Privilege Management