Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-02 | CVE-2016-8274 | Improper Access Control vulnerability in Huawei Hisuite 4.0.5.300Ove Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link library (DLL) hijack vulnerability; an attacker can make the system load malicious DLL files to execute arbitrary code. | 7.8 |
| 2017-04-02 | CVE-2016-8273 | Improper Access Control vulnerability in Huawei Hisuite 4.0.5.300Ove Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for upgrade software package download and does not check the integrity of the software package before installing; an attacker can launch an MITM attack to interrupt or replace the downloaded software package and further compromise the PC. | 7.8 |
| 2017-04-02 | CVE-2014-4707 | Improper Access Control vulnerability in Huawei products Huawei Campus S7700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9300 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300 allow unauthorized users to upgrade the bootrom or bootload software, bypass a Menu protection mechanism, conduct a Menu compromise attack, or bypass a Menu/upgrade protection mechanism. | 8.8 |
| 2017-03-31 | CVE-2016-8032 | Improper Access Control vulnerability in Mcafee Anti-Malware Scan Engine Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file. | 7.3 |
| 2017-03-31 | CVE-2015-4624 | Improper Access Control vulnerability in Hak5 Wi-Fi Pineapple Firmware Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens. | 7.5 |
| 2017-03-28 | CVE-2016-6807 | Improper Access Control vulnerability in Apache Ambari 2.4.0/2.4.1 Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. | 9.8 |
| 2017-03-28 | CVE-2016-9468 | Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the dav app. | 5.3 |
| 2017-03-28 | CVE-2016-9467 | Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. | 5.3 |
| 2017-03-28 | CVE-2016-9462 | Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying restore privileges when restoring a file. | 4.3 |
| 2017-03-28 | CVE-2016-9461 | Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. | 4.3 |