Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-02 | CVE-2016-8769 | Permissions, Privileges, and Access Controls vulnerability in Huawei Utps Firmware V200R003B015D15Sp00C983 Huawei UTPS earlier than UTPS-V200R003B015D16SPC00C983 has an unquoted service path vulnerability which can lead to the truncation of UTPS service query paths. | 6.7 |
| 2017-04-02 | CVE-2016-2404 | Permissions, Privileges, and Access Controls vulnerability in Huawei products Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. | 7.5 |
| 2017-04-02 | CVE-2015-8671 | Permissions, Privileges, and Access Controls vulnerability in Huawei Logcenter V100R001C10 Huawei LogCenter V100R001C10 could allow an authenticated attacker to tamper with requests using a tool and submit a request to the server for privilege escalation, affecting some system functions. | 8.8 |
| 2017-04-02 | CVE-2014-9696 | Permissions, Privileges, and Access Controls vulnerability in Huawei Tecal E9000 Chassis Firmware V100R001C00Spc160 The Hyper Module Management (HMM) software of Huawei Tecal E9000 Chassis V100R001C00SPC160 and earlier versions allows the operator to modify the user configuration of iMana through privilege escalation. | 8.8 |
| 2017-04-02 | CVE-2014-9695 | Permissions, Privileges, and Access Controls vulnerability in Huawei Tecal E9000 Chassis Firmware V100R001C00Spc160 The Hyper Module Management (HMM) software of Huawei Tecal E9000 Chassis V100R001C00SPC160 and earlier versions could allow a non-super-domain user who accesses HMM through SNMPv3 to perform operations on a server as a super-domain user. | 8.8 |
| 2017-04-02 | CVE-2014-8571 | Permissions, Privileges, and Access Controls vulnerability in Huawei products Apps on Huawei Ascend P6 mobile phones with software EDGE-U00 V100R001C17B508SP01 and earlier versions before V100R001C17B508SP02; EDGE-T00 V100R001C01B508SP01 and earlier versions before V100R001C01B508SP02; EDGE-C00 V100R001C92B508SP02 and earlier versions before V100R001C92B508SP03 can capture screens without the root permission. | 3.3 |
| 2017-04-02 | CVE-2014-3222 | Permissions, Privileges, and Access Controls vulnerability in Huawei Espace Meeting V100R001C03Spc201 In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier versions, attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key resources. | 7.0 |
| 2017-03-28 | CVE-2016-8031 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Anti-Malware Scan Engine Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local users to bypass local security protection via a crafted input file. | 7.3 |
| 2017-03-28 | CVE-2016-10152 | Permissions, Privileges, and Access Controls vulnerability in Hesiod Project Hesiod The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache. | 9.8 |
| 2017-03-28 | CVE-2016-9469 | Permissions, Privileges, and Access Controls vulnerability in Gitlab Multiple versions of GitLab expose a dangerous method to any authenticated user that could lead to the deletion of all Issue and MergeRequest objects on a GitLab instance. | 8.2 |