Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2017-06-22 CVE-2017-1326 Improper Privilege Management vulnerability in IBM Sterling B2B Integrator 5.2
IBM Sterling File Gateway does not properly restrict user requests based on permission level.
network
low complexity
ibm CWE-269
4.3
4.3
2017-06-21 CVE-2017-7922 Improper Privilege Management vulnerability in Cambium Networks products
An Improper Privilege Management issue was discovered in Cambium Networks ePMP.
network
low complexity
cambium-networks CWE-269
7.6
7.6
2017-06-21 CVE-2017-7918 Improper Privilege Management vulnerability in Cambium Networks products
An Improper Access Control issue was discovered in Cambium Networks ePMP.
network
low complexity
cambium-networks CWE-269
6.8
6.8
2017-06-13 CVE-2017-4992 Improper Privilege Management vulnerability in multiple products
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v261; UAA release 2.x versions prior to v2.7.4.17, 3.6.x versions prior to v3.6.11, 3.9.x versions prior to v3.9.13, and other versions prior to v4.2.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.15, 24.x versions prior to v24.10, 30.x versions prior to 30.3, and other versions prior to v37.
network
low complexity
pivotal-software cloudfoundry CWE-269
critical
 9.8
9.8
2017-06-13 CVE-2017-4991 Improper Privilege Management vulnerability in multiple products
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v260; UAA release 2.x versions prior to v2.7.4.16, 3.6.x versions prior to v3.6.10, 3.9.x versions prior to v3.9.12, and other versions prior to v3.17.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.14, 24.x versions prior to v24.9, 30.x versions prior to 30.2, and other versions prior to v36.
network
low complexity
pivotal-software cloudfoundry CWE-269
7.2
7.2
2017-06-13 CVE-2017-4973 Improper Privilege Management vulnerability in multiple products
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3.6.8, 3.9.x versions prior to v3.9.10, and other versions prior to v3.15.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.12, 24.x versions prior to v24.7, and other versions prior to v30.
network
low complexity
pivotal-software cloudfoundry CWE-269
8.8
8.8
2017-06-13 CVE-2016-8219 Improper Privilege Management vulnerability in Cloudfoundry Capi-Release and Cf-Release
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI-release versions prior to 1.12.0.
network
low complexity
cloudfoundry CWE-269
6.5
6.5
2017-06-12 CVE-2017-9324 Improper Privilege Management vulnerability in multiple products
In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission is capable of opening a specific URL in a browser to gain administrative privileges / full access.
network
low complexity
otrs debian CWE-269
8.8
8.8
2017-06-07 CVE-2017-7312 Improper Privilege Management vulnerability in Personifycorp Personify360 7.5.2/7.6/7.6.1
An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1.
network
low complexity
personifycorp CWE-269
critical
 9.8
9.8
2017-06-06 CVE-2016-2192 Improper Privilege Management vulnerability in Pl/Java Project Pl/Java
PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to alter type mappings for types they do not own.
network
low complexity
pl-java-project CWE-269
6.5
6.5