Vulnerabilities > Improper Access Control
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-02 | CVE-2016-8792 | Improper Access Control vulnerability in Huawei Mate 8 Firmware, Mate S Firmware and P8 Firmware Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege. | 7.1 |
2017-04-02 | CVE-2016-8791 | Improper Access Control vulnerability in Huawei Mate 8 Firmware, Mate S Firmware and P8 Firmware Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege. | 7.1 |
2017-04-02 | CVE-2016-8274 | Improper Access Control vulnerability in Huawei Hisuite 4.0.5.300Ove Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link library (DLL) hijack vulnerability; an attacker can make the system load malicious DLL files to execute arbitrary code. | 7.8 |
2017-04-02 | CVE-2016-8273 | Improper Access Control vulnerability in Huawei Hisuite 4.0.5.300Ove Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for upgrade software package download and does not check the integrity of the software package before installing; an attacker can launch an MITM attack to interrupt or replace the downloaded software package and further compromise the PC. | 7.8 |
2017-04-02 | CVE-2014-4707 | Improper Access Control vulnerability in Huawei products Huawei Campus S7700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9300 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300 allow unauthorized users to upgrade the bootrom or bootload software, bypass a Menu protection mechanism, conduct a Menu compromise attack, or bypass a Menu/upgrade protection mechanism. | 8.8 |
2017-03-31 | CVE-2016-8032 | Improper Access Control vulnerability in Mcafee Anti-Malware Scan Engine Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file. | 7.3 |
2017-03-31 | CVE-2015-4624 | Improper Access Control vulnerability in Hak5 Wi-Fi Pineapple Firmware Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens. | 7.5 |
2017-03-28 | CVE-2016-6807 | Improper Access Control vulnerability in Apache Ambari 2.4.0/2.4.1 Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. | 9.8 |
2017-03-28 | CVE-2016-9468 | Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the dav app. | 5.3 |
2017-03-28 | CVE-2016-9467 | Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. | 5.3 |