Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2020-04-07 CVE-2020-5302 Improper Privilege Management vulnerability in Mh-Wikibot Project Mh-Wikibot
MH-WikiBot (an IRC bot for interacting with the Miraheze API) had a bug that allowed any unprivileged user to access the steward commands on the IRC interface by impersonating the nickname used by a privileged user, as no check was made to see if they were logged in.
network
low complexity
mh-wikibot-project CWE-269
6.4
2020-04-07 CVE-2020-11561 Improper Privilege Management vulnerability in Nchsoftware Express Invoice 7.25
In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen.
network
low complexity
nchsoftware CWE-269
6.5
2020-04-06 CVE-2020-5832 Improper Privilege Management vulnerability in Symantec Data Center Security 6.8.1
Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6.8 MP2), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
local
low complexity
symantec CWE-269
4.6
2020-04-06 CVE-2019-19699 Improper Privilege Management vulnerability in Centreon
There is authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration. This allows the apache user to modify an executable file executed by root at 22:30 every day.
network
low complexity
centreon CWE-269
critical
9.0
2020-04-03 CVE-2020-4273 Improper Privilege Management vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 4.2 and 5.0 could allow a local unprivileged attacker with intimate knowledge of the environment to execute commands as root using specially crafted input.
local
ibm CWE-269
6.9
2020-04-03 CVE-2018-17954 Improper Privilege Management vulnerability in Suse Openstack Cloud and Openstack Cloud Crowbar
An Improper Privilege Management vulnerability in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar-managed node to become root on any other node.
local
low complexity
suse CWE-269
7.8
2020-04-02 CVE-2019-19348 Improper Privilege Management vulnerability in Redhat Openshift
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the following: 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4.
local
high complexity
redhat CWE-269
7.0
2020-04-02 CVE-2019-19346 Improper Privilege Management vulnerability in Redhat Openshift
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following: 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4.
local
high complexity
redhat CWE-269
7.0
2020-04-01 CVE-2020-8146 Improper Privilege Management vulnerability in UI Unifi Video
In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privilege Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities.
local
ui CWE-269
6.9
2020-04-01 CVE-2020-8145 Improper Privilege Management vulnerability in UI Unifi Video
The UniFi Video Server (Windows) web interface configuration restore functionality at the “backup” and “wizard” endpoints does not implement sufficient privilege checks.
network
low complexity
ui CWE-269
4.0