Vulnerabilities > Improper Privilege Management

DATE CVE VULNERABILITY TITLE RISK
2020-04-06 CVE-2019-19699 Improper Privilege Management vulnerability in Centreon
There is authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration. This allows the apache user to modify an executable file executed by root at 22:30 every day.
network
low complexity
centreon CWE-269
7.2
2020-04-03 CVE-2018-17954 Improper Privilege Management vulnerability in Suse Openstack Cloud and Openstack Cloud Crowbar
An Improper Privilege Management vulnerability in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to become root on any other node.
local
low complexity
suse CWE-269
7.8
2020-04-02 CVE-2019-19348 Improper Privilege Management vulnerability in Redhat Openshift
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the following: 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4.
local
high complexity
redhat CWE-269
7.0
2020-04-02 CVE-2019-19346 Improper Privilege Management vulnerability in Redhat Openshift
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following: 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4.
local
high complexity
redhat CWE-269
7.0
2020-04-01 CVE-2020-11466 Improper Privilege Management vulnerability in Deskpro
An issue was discovered in Deskpro before 2019.8.0.
network
low complexity
deskpro CWE-269
4.3
2020-04-01 CVE-2020-11464 Improper Privilege Management vulnerability in Deskpro
An issue was discovered in Deskpro before 2019.8.0.
network
low complexity
deskpro CWE-269
4.3
2020-03-31 CVE-2020-7009 Improper Privilege Management vulnerability in Elastic Elasticsearch
Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys.
network
low complexity
elastic CWE-269
8.8
2020-03-31 CVE-2020-5291 Improper Privilege Management vulnerability in multiple products
In Bubblewrap (bwrap) before version 0.4.1, if it is installed in setuid mode and the kernel supports unprivileged user namespaces, the `bwrap --userns2` option can be used to make the setuid process keep running as root while being traceable.
7.8
2020-03-27 CVE-2020-10940 Improper Privilege Management vulnerability in Phoenixcontact products
Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as a service.
local
low complexity
phoenixcontact CWE-269
7.8
2020-03-27 CVE-2015-8534 Improper Privilege Management vulnerability in Lenovo Solution Center 3.3.0001/3.3.002
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA.
local
low complexity
lenovo CWE-269
7.8