Vulnerabilities > Improper Privilege Management
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-19 | CVE-2023-47267 | Improper Privilege Management vulnerability in Thegreenbow products An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard VPN Client 6.87, and Windows Enterprise VPN Client 6.87 allows attackers to gain escalated privileges via crafted changes to memory mapped file. | 9.8 |
2023-12-17 | CVE-2023-3907 | Improper Privilege Management vulnerability in Gitlab A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner | 8.8 |
2023-12-13 | CVE-2023-6793 | Improper Privilege Management vulnerability in Paloaltonetworks Pan-Os An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage. | 2.7 |
2023-12-12 | CVE-2023-41119 | Improper Privilege Management vulnerability in Enterprisedb Postgres Advanced Server An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. | 8.8 |
2023-12-12 | CVE-2023-50424 | Improper Privilege Management vulnerability in SAP Cloud-Security-Client-Go SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go) - versions < 0.17.0, allow under certain conditions an escalation of privileges. | 9.8 |
2023-12-12 | CVE-2023-49583 | Improper Privilege Management vulnerability in SAP @Sap/XSSec SAP BTP Security Services Integration Library ([Node.js] @sap/xssec - versions < 3.6.0, allow under certain conditions an escalation of privileges. | 9.8 |
2023-12-12 | CVE-2023-50422 | Improper Privilege Management vulnerability in SAP Cloud-Security-Services-Integration-Library SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) - versions below 2.17.0 and versions from 3.0.0 to before 3.3.0, allow under certain conditions an escalation of privileges. | 9.8 |
2023-12-12 | CVE-2023-50423 | Improper Privilege Management vulnerability in SAP Sap-XSSec SAP BTP Security Services Integration Library ([Python] sap-xssec) - versions < 4.1.0, allow under certain conditions an escalation of privileges. | 9.8 |
2023-12-05 | CVE-2023-45083 | Improper Privilege Management vulnerability in Softiron Hypercloud An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane. An authenticated admin-level user may be able to delete the "admin" or "serveradmin" users, which prevents authentication from subsequently succeeding. This issue affects HyperCloud versions 1.0 to any release before 2.1. | 4.4 |
2023-12-01 | CVE-2023-45253 | Improper Privilege Management vulnerability in Huddly Huddlycameraservices An issue was discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, allows attackers to manipulate files and escalate privileges via RollingFileAppender.DeleteFile method performed by the log4net library. | 7.8 |