Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-18 | CVE-2020-26077 | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the access control functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to view lists of users from different domains that are configured on an affected system. | 4.3 |
| 2020-11-18 | CVE-2020-26072 | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the SOAP API of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to access and modify information on devices that belong to a different domain. | 8.7 |
| 2020-11-16 | CVE-2020-8269 | Improper Privilege Management vulnerability in Citrix Virtual Apps and Desktops, Xenapp and Xendesktop An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9 | 8.8 |
| 2020-11-13 | CVE-2020-13638 | Improper Privilege Management vulnerability in Rconfig lib/crud/userprocess.php in rConfig 3.9.x before 3.9.7 has an authentication bypass, leading to administrator account creation. | 9.8 |
| 2020-11-12 | CVE-2020-2022 | Improper Privilege Management vulnerability in Paloaltonetworks Pan-Os An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. | 7.5 |
| 2020-11-06 | CVE-2020-3594 | Improper Privilege Management vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. | 7.8 |
| 2020-11-06 | CVE-2020-3593 | Improper Privilege Management vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. | 7.8 |
| 2020-11-06 | CVE-2020-27122 | Improper Privilege Management vulnerability in Cisco Identity Services Engine A vulnerability in the Microsoft Active Directory integration of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
| 2020-11-02 | CVE-2020-28046 | Improper Privilege Management vulnerability in PAX Prolinos 2.4.161.8859R An issue was discovered in ProlinOS through 2.4.161.8859R. | 7.8 |
| 2020-10-29 | CVE-2020-27655 | Improper Privilege Management vulnerability in Synology Router Manager Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic. | 10.0 |