Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-3250 | Improper Privilege Management vulnerability in Cisco UCS Director and UCS Director Express for BIG Data Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. | 9.8 |
| 2020-04-15 | CVE-2020-3243 | Improper Privilege Management vulnerability in Cisco UCS Director and UCS Director Express for BIG Data Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. | 9.8 |
| 2020-04-15 | CVE-2020-11799 | Improper Privilege Management vulnerability in Z-Cron 5.6 Z-Cron 5.6 Build 04 allows an unprivileged attacker to elevate privileges by modifying a privileged user's task. | 9.8 |
| 2020-04-15 | CVE-2019-12522 | Improper Privilege Management vulnerability in Squid-Cache Squid An issue was discovered in Squid through 4.7. | 4.5 |
| 2020-04-15 | CVE-2020-6992 | Improper Privilege Management vulnerability in GE Cimplicity A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. | 6.7 |
| 2020-04-15 | CVE-2020-1014 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'. | 7.8 |
| 2020-04-15 | CVE-2020-0935 | Improper Privilege Management vulnerability in Microsoft Onedrive An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links, aka 'OneDrive for Windows Elevation of Privilege Vulnerability'. | 5.5 |
| 2020-04-15 | CVE-2020-7255 | Improper Privilege Management vulnerability in Mcafee Endpoint Security Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface. | 4.4 |
| 2020-04-15 | CVE-2020-7274 | Improper Privilege Management vulnerability in Mcafee Endpoint Security Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges). | 7.8 |
| 2020-04-15 | CVE-2020-7273 | Improper Privilege Management vulnerability in Mcafee Endpoint Security Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some parameters. | 5.5 |