Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-03 | CVE-2019-10145 | Permissions, Privileges, and Access Controls vulnerability in Redhat RKT rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`. | 6.9 |
| 2019-06-03 | CVE-2019-10144 | Permissions, Privileges, and Access Controls vulnerability in Redhat RKT rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`. | 6.9 |
| 2019-06-03 | CVE-2018-5406 | Permissions, Privileges, and Access Controls vulnerability in Quest Kace Systems Management Appliance Firmware The Quest Kace K1000 Appliance, versions prior to 9.0.270, allows a remote attacker to exploit the misconfigured Cross-Origin Resource Sharing (CORS) mechanism. | 9.3 |
| 2019-06-02 | CVE-2017-18376 | Permissions, Privileges, and Access Controls vulnerability in Strangebee Thehive An improper authorization check in the User API in TheHive before 2.13.4 and 3.x before 3.3.1 allows users with read-only or read/write access to escalate their privileges to the administrator's privileges. | 8.8 |
| 2019-05-29 | CVE-2019-11891 | Permissions, Privileges, and Access Controls vulnerability in Bosch Smart Home Controller Firmware A potential incorrect privilege assignment vulnerability exists in the app pairing mechanism of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in elevated privileges of the adversary's choosing. | 5.4 |
| 2019-05-28 | CVE-2019-7394 | Permissions, Privileges, and Access Controls vulnerability in CA Risk Authentication and Strong Authentication A privilege escalation vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x allows an authenticated attacker to gain additional privileges in some cases where an account has customized and limited privileges. | 6.5 |
| 2019-05-15 | CVE-2019-1730 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. | 7.2 |
| 2019-05-14 | CVE-2019-6572 | Permissions, Privileges, and Access Controls vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). | 6.4 |
| 2019-05-03 | CVE-2019-1803 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nexus 9000 Series Application Centric Infrastructure A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. | 7.2 |
| 2019-05-03 | CVE-2019-1682 | Permissions, Privileges, and Access Controls vulnerability in Cisco Application Policy Infrastructure Controller 3.2(2L) A vulnerability in the FUSE filesystem functionality for Cisco Application Policy Infrastructure Controller (APIC) software could allow an authenticated, local attacker to escalate privileges to root on an affected device. | 7.2 |