Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-15 | CVE-2018-0428 | Improper Privilege Management vulnerability in Cisco web Security Appliance A vulnerability in the account management subsystem of Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to elevate privileges to root. | 6.7 |
| 2018-08-02 | CVE-2018-14836 | Improper Privilege Management vulnerability in Subrion CMS 4.2.1 Subrion 4.2.1 is vulnerable to Improper Access control because user groups not having access to the Admin panel are able to access it (but not perform actions) if the Guests user group has access to the Admin panel. | 6.5 |
| 2018-08-01 | CVE-2018-1999032 | Improper Privilege Management vulnerability in Agiletestware Pangolin Connector for Testrail 2.1 A data modification vulnerability exists in Jenkins Agiletestware Pangolin Connector for TestRail Plugin 2.1 and earlier in GlobalConfig.java that allows attackers with Overall/Read permission to override this plugin's configuration by sending crafted HTTP requests to an unprotected endpoint. | 6.5 |
| 2018-07-26 | CVE-2018-0613 | Improper Privilege Management vulnerability in Necplatforms products NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00) allows remote authenticated attackers to bypass access restriction to conduct arbitrary operations with administrative privilege via unspecified vectors. | 8.8 |
| 2018-07-24 | CVE-2018-10906 | Improper Privilege Management vulnerability in multiple products In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. | 7.8 |
| 2018-07-18 | CVE-2018-0343 | Improper Privilege Management vulnerability in Cisco products A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary code with vmanage user privileges or cause a denial of service (DoS) condition on an affected system. | 8.8 |
| 2018-07-11 | CVE-2018-0024 | Improper Privilege Management vulnerability in Juniper Junos An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system. | 7.8 |
| 2018-07-10 | CVE-2018-3682 | Improper Privilege Management vulnerability in Intel BMC Firmware BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS. | 8.2 |
| 2018-07-10 | CVE-2018-9853 | Improper Privilege Management vulnerability in Freesshd 1.3.1 Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of the freesshd.exe process by leveraging the ability to login to an unprivileged account on the server. | 9.8 |
| 2018-07-06 | CVE-2018-5884 | Improper Privilege Management vulnerability in Qualcomm products Improper Access Control in Multimedia in Snapdragon Mobile and Snapdragon Wear, Non-standard applications without permission may acquire permission of Qualcomm-specific proprietary intents. | 8.4 |