Vulnerabilities > Improper Privilege Management

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-06	CVE-2020-3594	Improper Privilege Management vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. local low complexity cisco CWE-269	7.8
2020-11-06	CVE-2020-3593	Improper Privilege Management vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. local low complexity cisco CWE-269	7.8
2020-11-06	CVE-2020-27122	Improper Privilege Management vulnerability in Cisco Identity Services Engine A vulnerability in the Microsoft Active Directory integration of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to elevate privileges on an affected device. local low complexity cisco CWE-269	6.7
2020-11-02	CVE-2020-28046	Improper Privilege Management vulnerability in PAX Prolinos 2.4.161.8859R An issue was discovered in ProlinOS through 2.4.161.8859R. local low complexity pax CWE-269	7.8
2020-10-29	CVE-2020-27655	Improper Privilege Management vulnerability in Synology Router Manager Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic. network low complexity synology CWE-269 critical	10.0
2020-10-29	CVE-2020-27654	Improper Privilege Management vulnerability in Synology Router Manager Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp. network low complexity synology CWE-269 critical	9.8
2020-10-28	CVE-2020-16262	Improper Privilege Management vulnerability in Winstonprivacy Winston Firmware 1.5.4 Winston 1.5.4 devices have a local www-data user that is overly permissioned, resulting in root privilege escalation. local low complexity winstonprivacy CWE-269	7.8
2020-10-26	CVE-2020-7125	Improper Privilege Management vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote escalation of privilege vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. network low complexity arubanetworks CWE-269	8.8
2020-10-23	CVE-2020-24848	Improper Privilege Management vulnerability in Fruitywifi Project Fruitywifi FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. local low complexity fruitywifi-project CWE-269	7.8
2020-10-22	CVE-2020-7020	Improper Privilege Management vulnerability in Elastic Elasticsearch Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. network high complexity elastic CWE-269	3.1