Vulnerabilities > Permissions, Privileges, and Access Controls

DATE CVE VULNERABILITY TITLE RISK
2019-03-14 CVE-2019-0135 Permissions, Privileges, and Access Controls vulnerability in multiple products
Improper permissions in the installer for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel lenovo CWE-264
7.8
2019-03-14 CVE-2019-0129 Permissions, Privileges, and Access Controls vulnerability in Intel USB 3.0 Creator Utility
Improper permissions for Intel(R) USB 3.0 Creator Utility all versions may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-264
4.6
2019-03-14 CVE-2019-0121 Permissions, Privileges, and Access Controls vulnerability in Intel Matrix Storage Manager 8.9.0.1023
Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and before may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-264
4.6
2019-03-14 CVE-2019-9768 Permissions, Privileges, and Access Controls vulnerability in Thinkst Canarytokens 20190301
Thinkst Canarytokens through commit hash 4e89ee0 (2019-03-01) relies on limited variation in size, metadata, and timestamp, which makes it easier for attackers to estimate whether a Word document contains a token.
network
low complexity
thinkst CWE-264
5.0
2019-03-13 CVE-2019-1723 Permissions, Privileges, and Access Controls vulnerability in Cisco Common Services Platform Collector 2.7.2/2.8.0/2.8.1
A vulnerability in the Cisco Common Services Platform Collector (CSPC) could allow an unauthenticated, remote attacker to access an affected device by using an account that has a default, static password.
network
low complexity
cisco CWE-264
critical
10.0
2019-03-09 CVE-2019-9637 Permissions, Privileges, and Access Controls vulnerability in PHP
An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3.
network
low complexity
php debian canonical opensuse netapp CWE-264
5.0
2019-03-08 CVE-2019-1602 Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os
A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator.
local
low complexity
cisco CWE-264
7.2
2019-03-08 CVE-2019-3779 Permissions, Privileges, and Access Controls vulnerability in Cloudfoundry Container Runtime
Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys Kubernetes clusters utilize the same CA (Certificate Authority) to sign and trust certs for ETCD as used by the Kubernetes API.
network
low complexity
cloudfoundry CWE-264
4.0
2019-03-07 CVE-2019-1596 Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root.
local
low complexity
cisco CWE-264
7.2
2019-03-06 CVE-2019-1593 Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles.
local
low complexity
cisco CWE-264
7.2