Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-05 | CVE-2023-45083 | Improper Privilege Management vulnerability in Softiron Hypercloud An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane. An authenticated admin-level user may be able to delete the "admin" or "serveradmin" users, which prevents authentication from subsequently succeeding. This issue affects HyperCloud versions 1.0 to any release before 2.1. | 4.4 |
| 2023-12-01 | CVE-2023-45253 | Improper Privilege Management vulnerability in Huddly Huddlycameraservices An issue was discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, allows attackers to manipulate files and escalate privileges via RollingFileAppender.DeleteFile method performed by the log4net library. | 7.8 |
| 2023-11-29 | CVE-2023-6218 | Improper Privilege Management vulnerability in Progress Moveit Transfer In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9), 2022.1.10 (14.1.10), 2023.0.7 (15.0.7), a privilege escalation path associated with group administrators has been identified. It is possible for a group administrator to elevate a group members permissions to the role of an organization administrator. | 7.2 |
| 2023-11-28 | CVE-2023-29066 | Improper Privilege Management vulnerability in BD Facschorus The FACSChorus software does not properly assign data access privileges for operating system user accounts. | 3.5 |
| 2023-11-16 | CVE-2023-44282 | Improper Privilege Management vulnerability in Dell Repository Manager 1.1.52/1.2.155/1.3.124 Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. | 7.8 |
| 2023-11-16 | CVE-2023-44292 | Improper Privilege Management vulnerability in Dell Repository Manager Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. | 7.8 |
| 2023-11-16 | CVE-2023-6119 | Improper Privilege Management vulnerability in Trellix Getsusp An Improper Privilege Management vulnerability in Trellix GetSusp prior to version 5.0.0.27 allows a local, low privilege attacker to gain access to files that usually require a higher privilege level. | 7.8 |
| 2023-11-14 | CVE-2023-20563 | Improper Privilege Management vulnerability in AMD products Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-11-14 | CVE-2023-20565 | Improper Privilege Management vulnerability in AMD products Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-11-14 | CVE-2023-31273 | Improper Privilege Management vulnerability in Intel Data Center Manager Protection mechanism failure in some Intel DCM software before version 5.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 9.8 |