Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-01 | CVE-2020-9114 | Improper Privilege Management vulnerability in Huawei Fusioncompute FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. | 7.8 |
| 2020-11-30 | CVE-2020-8351 | Improper Privilege Management vulnerability in Lenovo Pcmanager 2.6.40.3154/2.8.90.11211 A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an authenticated user to execute code with elevated privileges. | 7.8 |
| 2020-11-23 | CVE-2020-15248 | Improper Privilege Management vulnerability in Octobercms October October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. | 4.2 |
| 2020-11-19 | CVE-2020-12495 | Improper Privilege Management vulnerability in Endress products Endress+Hauser Ecograph T (Neutral/Private Label) (RSG35, ORSG35) with Firmware version prior to V2.0.0 is prone to improper privilege management. | 8.8 |
| 2020-11-18 | CVE-2020-3482 | Improper Privilege Management vulnerability in Cisco products A vulnerability in the Traversal Using Relays around NAT (TURN) server component of Cisco Expressway software could allow an unauthenticated, remote attacker to bypass security controls and send network traffic to restricted destinations. | 6.5 |
| 2020-11-18 | CVE-2020-26080 | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the user management functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to manage user information for users in different domains on an affected system. | 4.1 |
| 2020-11-18 | CVE-2020-26077 | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the access control functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to view lists of users from different domains that are configured on an affected system. | 4.3 |
| 2020-11-18 | CVE-2020-26072 | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the SOAP API of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to access and modify information on devices that belong to a different domain. | 8.7 |
| 2020-11-16 | CVE-2020-8269 | Improper Privilege Management vulnerability in Citrix Virtual Apps and Desktops, Xenapp and Xendesktop An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9 | 8.8 |
| 2020-11-13 | CVE-2020-13638 | Improper Privilege Management vulnerability in Rconfig lib/crud/userprocess.php in rConfig 3.9.x before 3.9.7 has an authentication bypass, leading to administrator account creation. | 9.8 |