Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-25 | CVE-2021-24092 | Improper Privilege Management vulnerability in Microsoft products Microsoft Defender Elevation of Privilege Vulnerability | 7.8 |
| 2021-02-25 | CVE-2021-24087 | Improper Privilege Management vulnerability in Azure-Iot-Cli-Extension - Azure IoT CLI extension Elevation of Privilege Vulnerability | 7.0 |
| 2021-02-25 | CVE-2021-1728 | Improper Privilege Management vulnerability in Microsoft System Center Operations Manager 2019 System Center Operations Manager Elevation of Privilege Vulnerability | 8.8 |
| 2021-02-25 | CVE-2021-1727 | Improper Privilege Management vulnerability in Microsoft products Windows Installer Elevation of Privilege Vulnerability | 7.8 |
| 2021-02-25 | CVE-2021-1698 | Improper Privilege Management vulnerability in Microsoft products Windows Win32k Elevation of Privilege Vulnerability | 7.8 |
| 2021-02-23 | CVE-2021-26594 | Improper Privilege Management vulnerability in Rangerstudio Directus In Directus 8.x through 8.8.1, an attacker can switch to the administrator role (via the PATCH method) without any control by the back end. | 8.8 |
| 2021-02-23 | CVE-2021-25630 | Improper Privilege Management vulnerability in Collaboraoffice Online "loolforkit" is a privileged program that is supposed to be run by a special, non-privileged "lool" user. | 7.8 |
| 2021-02-16 | CVE-2021-20075 | Improper Privilege Management vulnerability in Racom M!Dge Firmware 4.4.40.105 Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for privilege escalation via configd. | 7.8 |
| 2021-02-16 | CVE-2020-35557 | Improper Privilege Management vulnerability in multiple products An issue in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 allows a logged in user to see devices in the account he should not have access to due to improper use of access validation. | 6.5 |
| 2021-02-15 | CVE-2020-29031 | Improper Privilege Management vulnerability in Secomea products An Insecure Direct Object Reference vulnerability exists in the web UI of the GateManager which allows an authenticated attacker to reset the password of any user in its domain or any sub-domain, via escalation of privileges. | 8.1 |