Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-05 | CVE-2020-6971 | Improper Privilege Management vulnerability in Emerson Valvelink 12.0.264/13.4.118 In Emerson ValveLink v12.0.264 to v13.4.118, a vulnerability in the ValveLink software may allow a local, unprivileged, trusted insider to escalate privileges due to insecure configuration parameters. | 7.8 |
| 2020-03-02 | CVE-2019-12183 | Improper Privilege Management vulnerability in Safescan products Incorrect Access Control in Safescan Timemoto TM-616 and TA-8000 series allows remote attackers to read any file via the administrative API. | 7.5 |
| 2020-02-20 | CVE-2020-6968 | Improper Privilege Management vulnerability in Honeywell Inncom Inncontrol Firmware 3.0/3.21 Honeywell INNCOM INNControl 3 allows workstation users to escalate application user privileges through the modification of local configuration files. | 7.8 |
| 2020-02-19 | CVE-2020-3112 | Improper Privilege Management vulnerability in Cisco Data Center Network Manager A vulnerability in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to elevate privileges on the application. | 8.8 |
| 2020-02-18 | CVE-2013-6295 | Improper Privilege Management vulnerability in Prestashop 1.5.5.0 PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module | 9.8 |
| 2020-02-18 | CVE-2013-3323 | Improper Privilege Management vulnerability in IBM products A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access. | 9.8 |
| 2020-02-14 | CVE-2019-6195 | Improper Privilege Management vulnerability in Lenovo Xclarity Controller An authorization bypass exists in Lenovo XClarity Controller (XCC) versions prior to 3.08 CDI340V, 3.01 TEI392O, 1.71 PSI328N where a valid authenticated user with lesser privileges may be granted read-only access to higher-privileged information if 1) “LDAP Authentication Only with Local Authorization” mode is configured and used by XCC, and 2) a lesser privileged user logs into XCC within 1 minute of a higher privileged user logging out. | 4.8 |
| 2020-02-13 | CVE-2014-4170 | Improper Privilege Management vulnerability in Freereprintables Articlefr 3.0.4 A Privilege Escalation Vulnerability exists in Free Reprintables ArticleFR 11.06.2014 due to insufficient access restrictions in the data.php script, which could let a remote malicious user obtain access or modify or delete database information. | 9.8 |
| 2020-02-11 | CVE-2020-0686 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. | 7.8 |
| 2020-02-07 | CVE-2020-8655 | Improper Privilege Management vulnerability in Eyesofnetwork 5.30 An issue was discovered in EyesOfNetwork 5.3. | 7.8 |