Latest Permissions, Privileges, and Access Controls Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2019-06-27 CVE-2019-1621 Permissions, Privileges, and Access Controls vulnerability in Cisco Data Center Network Manager 11.0(1)
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to gain access to sensitive files on an affected device.
network
low complexity
cisco CWE-264
5.0
2019-06-27 CVE-2019-1620 Permissions, Privileges, and Access Controls vulnerability in Cisco Data Center Network Manager 11.0(1)
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to upload arbitrary files on an affected device.
network
low complexity
cisco CWE-264
critical
10
2019-06-20 CVE-2019-1626 Permissions, Privileges, and Access Controls vulnerability in Cisco Sd-Wan Firmware
A vulnerability in the vManage web-based UI (Web UI) of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected vManage device.
network
low complexity
cisco CWE-264
6.5
2019-06-20 CVE-2019-1625 Permissions, Privileges, and Access Controls vulnerability in Cisco Sd-Wan Firmware
A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device.
local
low complexity
cisco CWE-264
7.2
2019-06-19 CVE-2019-2003 Permissions, Privileges, and Access Controls vulnerability in Google Android
In addLinks of Linkify.java, there is a possible phishing vector due to an unusual root cause.
network
google CWE-264
critical
9.3
2019-06-17 CVE-2018-10239 Permissions, Privileges, and Access Controls vulnerability in Infoblox Nios
A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally authenticated administrator to temporarily gain additional privileges on an affected device and perform actions within the super user scope.
local
low complexity
infoblox CWE-264
7.2
2019-06-13 CVE-2019-0164 Permissions, Privileges, and Access Controls vulnerability in Intel Turbo Boost MAX Technology 3.0 1.0.0.1035
Improper permissions in the installer for Intel(R) Turbo Boost Max Technology 3.0 driver version 1.0.0.1035 and before may allow an authenticated user to potentially enable escalation of privilege via local access.
4.4
2019-06-13 CVE-2019-0128 Permissions, Privileges, and Access Controls vulnerability in Intel Chipset Device Software
Improper permissions in the installer for Intel(R) Chipset Device Software (INF Update Utility) before version 10.1.1.45 may allow an authenticated user to escalate privilege via local access.
local
low complexity
intel CWE-264
4.6
2019-06-12 CVE-2019-6582 Permissions, Privileges, and Access Controls vulnerability in Siemens products
A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance VMS 2019 R1 (All versions < V13.1a).
network
low complexity
siemens CWE-264
5.5
2019-06-12 CVE-2019-10925 Permissions, Privileges, and Access Controls vulnerability in Siemens Simatic Mv420 Firmware and Simatic Mv440 Firmware
A vulnerability has been identified in SIMATIC Ident MV420 family (All versions), SIMATIC Ident MV440 family (All versions).
network
low complexity
siemens CWE-264
5.5