Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-09 | CVE-2017-5634 | Exposure of Resource to Wrong Sphere vulnerability in Norwegian-Air Norwegian AIR Kiosk The Norwegian Air Shuttle (aka norwegian.com) airline kiosk allows physically proximate attackers to bypass the intended "Please select booking identification" UI step, and obtain administrative privileges and network access on the underlying Windows OS, by accessing a touch-screen print icon to manipulate the print dialog. | 6.6 |
| 2016-12-29 | CVE-2016-5334 | Exposure of Resource to Wrong Sphere vulnerability in VMWare Identity Manager and Vrealize Automation VMware Identity Manager 2.x before 2.7.1 and vRealize Automation 7.x before 7.2.0 allow remote attackers to read /SAAS/WEB-INF and /SAAS/META-INF files via unspecified vectors. | 5.3 |
| 2016-07-15 | CVE-2016-5787 | Exposure of Resource to Wrong Sphere vulnerability in GE Cimplicity General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors. | 6.3 |