Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-12 | CVE-2020-2022 | Improper Privilege Management vulnerability in Paloaltonetworks Pan-Os An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. | 5.1 |
| 2020-11-11 | CVE-2020-4685 | Improper Privilege Management vulnerability in IBM Cognos Controller A low level user of IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, 10.4.1, and 10.4.2 who has Administration rights to the server where the application is installed, can escalate their privilege from Low level to Super Admin and gain access to Create/Update/Delete any level of user in Cognos Controller. | 6.5 |
| 2020-11-11 | CVE-2020-16993 | Improper Privilege Management vulnerability in Microsoft Azure Sphere Azure Sphere Elevation of Privilege Vulnerability | 5.4 |
| 2020-11-10 | CVE-2020-24367 | Improper Privilege Management vulnerability in Bluestacks Incorrect file permissions in BlueStacks 4 through 4.230 on Windows allow a local attacker to escalate privileges by modifying a file that is later executed by a higher-privileged user. | 4.6 |
| 2020-11-06 | CVE-2020-3594 | Improper Privilege Management vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. | 7.8 |
| 2020-11-06 | CVE-2020-3593 | Improper Privilege Management vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. | 7.8 |
| 2020-11-06 | CVE-2020-27122 | Improper Privilege Management vulnerability in Cisco Identity Services Engine A vulnerability in the Microsoft Active Directory integration of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to elevate privileges on an affected device. | 7.2 |
| 2020-11-06 | CVE-2020-7198 | Improper Privilege Management vulnerability in HP Oneview, Synergy Composer and Synergy Composer 2 There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. | 6.5 |
| 2020-11-05 | CVE-2020-7207 | Improper Privilege Management vulnerability in HP products A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). | 7.2 |
| 2020-11-02 | CVE-2020-28046 | Improper Privilege Management vulnerability in PAX Prolinos An issue was discovered in ProlinOS through 2.4.161.8859R. | 7.2 |