Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2017-09-11 CVE-2017-14312 Improper Privilege Management vulnerability in Nagios Core
Nagios Core through 4.3.4 initially executes /usr/sbin/nagios as root but supports configuration options in which this file is owned by a non-root account (and similarly can have nagios.cfg owned by a non-root account), which allows local users to gain privileges by leveraging access to this non-root account.
local
low complexity
nagios CWE-269
7.8
2017-09-07 CVE-2016-0732 Improper Privilege Management vulnerability in multiple products
The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 through 1.6.13 allows remote authenticated users with privileges in one zone to gain privileges and perform operations on a different zone via unspecified vectors.
network
low complexity
cloudfoundry pivotal CWE-269
8.8
2017-08-29 CVE-2017-12422 Improper Privilege Management vulnerability in Netapp Storagegrid Webscale
NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3.0.4, and 10.4.x before 10.4.0.2 allow remote authenticated users to delete arbitrary objects via unspecified vectors.
network
low complexity
netapp CWE-269
6.5
2017-08-27 CVE-2017-13707 Improper Privilege Management vulnerability in Axcient Replibit 2017.05.11
Privilege escalation in Replibit Backup Manager earlier than version 2017.08.04 allows attackers to gain root privileges via sudo command execution.
network
low complexity
axcient CWE-269
critical
9.8
2017-08-18 CVE-2017-8446 Improper Privilege Management vulnerability in Elasticsearch X-Pack and X-Pack Reporting
The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions prior to 2.4.6 had an impersonation vulnerability.
network
low complexity
elasticsearch CWE-269
5.3
2017-08-17 CVE-2017-6767 Improper Privilege Management vulnerability in Cisco Application Policy Infrastructure Controller
A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to gain higher privileges than the account is assigned.
network
high complexity
cisco CWE-269
7.1
2017-08-14 CVE-2017-9662 Improper Privilege Management vulnerability in Fujielectric Monitouch V-Sft 5.4.42.0
An Improper Privilege Management issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0.
local
low complexity
fujielectric CWE-269
5.3
2017-08-08 CVE-2017-10142 Improper Privilege Management vulnerability in Oracle Hospitality Reporting and Analytics 8.5.1/9.0.0
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Mobile Apps).
network
low complexity
oracle CWE-269
5.4
2017-08-08 CVE-2017-10104 Improper Privilege Management vulnerability in Oracle Java Advanced Management Console 2.6
Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server).
network
low complexity
oracle CWE-269
7.4
2017-08-08 CVE-2017-10103 Improper Privilege Management vulnerability in Oracle Flexcube Private Banking
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous).
network
low complexity
oracle CWE-269
6.5