Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-22 | CVE-2023-25590 | Improper Privilege Management vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges to those of a higher role. | 7.8 |
| 2023-03-16 | CVE-2023-21458 | Improper Privilege Management vulnerability in Samsung Android 11.0/12.0/13.0 Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent. | 3.3 |
| 2023-03-16 | CVE-2023-24760 | Improper Privilege Management vulnerability in Ofcms Project Ofcms 1.1.4 An issue found in Ofcms v.1.1.4 allows a remote attacker to to escalate privileges via the respwd method in SysUserController. | 8.8 |
| 2023-03-12 | CVE-2022-48365 | Improper Privilege Management vulnerability in Ibexa Digital Experience Platform and EZ Platform Kernel An issue was discovered in eZ Platform Ibexa Kernel before 1.3.26. | 7.2 |
| 2023-03-07 | CVE-2022-39953 | Improper Privilege Management vulnerability in Fortinet Fortinac A improper privilege management in Fortinet FortiNAC version 9.4.0 through 9.4.1, FortiNAC version 9.2.0 through 9.2.6, FortiNAC version 9.1.0 through 9.1.8, FortiNAC all versions 8.8, FortiNAC all versions 8.7, FortiNAC all versions 8.6, FortiNAC all versions 8.5, FortiNAC version 8.3.7 allows attacker to escalation of privilege via specially crafted commands. | 7.8 |
| 2023-03-03 | CVE-2022-45988 | Improper Privilege Management vulnerability in Starsoftcomm Coocare starsoftcomm CooCare 5.304 allows local attackers to escalate privileges and execute arbitrary commands via a crafted file upload. | 7.8 |
| 2023-03-02 | CVE-2023-26475 | Improper Privilege Management vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 8.8 |
| 2023-03-01 | CVE-2022-27677 | Improper Privilege Management vulnerability in AMD Ryzen Master 2.2.0.1543 Failure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the lower privileged user. | 7.8 |
| 2023-02-16 | CVE-2022-38378 | Improper Privilege Management vulnerability in Fortinet Fortios and Fortiproxy An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands. | 6.0 |
| 2023-02-16 | CVE-2023-24483 | Improper Privilege Management vulnerability in Citrix Virtual Apps and Desktops A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA. | 7.8 |