Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-10 | CVE-2020-7311 | Improper Privilege Management vulnerability in Mcafee Agent 5.0.0 Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files. | 7.0 |
| 2020-09-09 | CVE-2020-7324 | Improper Privilege Management vulnerability in Mcafee Mvision Endpoint 18.11.31.62/20.5.0.94/20.7 Improper Access Control vulnerability in McAfee MVISION Endpoint prior to 20.9 Update allows local users to bypass security mechanisms and deny access to the SYSTEM folder via incorrectly applied permissions. | 6.1 |
| 2020-08-27 | CVE-2020-4603 | Improper Privilege Management vulnerability in IBM Security Guardium Insights 2.0.1 IBM Security Guardium Insights 2.0.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. | 7.2 |
| 2020-08-26 | CVE-2020-5916 | Improper Privilege Management vulnerability in F5 products In BIG-IP versions 15.1.0-15.1.0.4 and 15.0.0-15.0.1.3 the Certificate Administrator user role and higher privileged roles can perform arbitrary file reads outside of the web root directory. | 6.8 |
| 2020-08-21 | CVE-2020-8624 | Improper Privilege Management vulnerability in multiple products In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone. | 4.3 |
| 2020-08-21 | CVE-2019-11847 | Improper Privilege Management vulnerability in Sierrawireless Aleos An improper privilege management vulnerabitlity exists in ALEOS before 4.11.0, 4.9.4 and 4.4.9. | 7.8 |
| 2020-08-21 | CVE-2020-10290 | Improper Privilege Management vulnerability in Sintef URX Universal Robots controller execute URCaps (zip files containing Java-powered applications) without any permission restrictions and a wide API that presents many primitives that can compromise the overall robot operations as demonstrated in our video. | 6.8 |
| 2020-08-21 | CVE-2020-7310 | Improper Privilege Management vulnerability in Mcafee Total Protection Privilege Escalation vulnerability in the installer in McAfee McAfee Total Protection (MTP) trial prior to 4.0.161.1 allows local users to change files that are part of write protection rules via manipulating symbolic links to redirect a McAfee file operations to an unintended file. | 6.9 |
| 2020-08-21 | CVE-2020-14215 | Improper Privilege Management vulnerability in Zulip Server Zulip Server before 2.1.5 has Incorrect Access Control because 0198_preregistrationuser_invited_as adds the administrator role to invitations. | 7.5 |
| 2020-08-21 | CVE-2020-14194 | Improper Privilege Management vulnerability in Zulip Server Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link. | 5.4 |