Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

CVEs (2,751)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-10853 3Canonical DebianLinux 3Debian Linux Linux KernelUbuntu Linux Nov 21, 2024 Sep 11, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unpr...Show more A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.Show less
CVE-2018-10514 1Trendmicro 4Antivirus + Security Internet SecurityMaximum Security+1 more Nov 21, 2024 Aug 30, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain t...Show more A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.Show less
CVE-2018-15912 1Manjaro 1Manjaro Linux Nov 21, 2024 Aug 29, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux. A local attacker can install or remove arbitrary packages and package repositories potentially containing hooks with arbi...Show more An issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux. A local attacker can install or remove arbitrary packages and package repositories potentially containing hooks with arbitrary code, which will automatically be run as root, or remove packages vital to the system.Show less
CVE-2018-14791 1Emerson 1Deltav Nov 21, 2024 Aug 23, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may allow non-administrative users to change executable and library files on the affected products.
CVE-2018-14787 1Philips 2Intellispace Cardiovascular Xcelera Nov 21, 2024 Aug 22, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 2.x or prior and Xcelera Version 4.1 or prior), an attacker with escalated privileges could access folders which contain executables where authenticat...Show more In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 2.x or prior and Xcelera Version 4.1 or prior), an attacker with escalated privileges could access folders which contain executables where authenticated users have write permissions, and could then execute arbitrary code with local administrative permissions.Show less
CVE-2017-2662 1Theforeman 1Katello Nov 21, 2024 Aug 22, 2018 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 A flaw was found in Foreman's katello plugin version 3.4.5. After setting a new role to allow restricted access on a repository with a filter (filter set on the Product Name), the filter is not respected when the actions...Show more A flaw was found in Foreman's katello plugin version 3.4.5. After setting a new role to allow restricted access on a repository with a filter (filter set on the Product Name), the filter is not respected when the actions are done via hammer using the repository id.Show less
CVE-2018-1000648 1Librehealth 1Librehealth Ehr Nov 21, 2024 Aug 20, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Write vulnerability in Patient file letter functions that can result in Write files with malicious content and may lead to remote code exe...Show more LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Write vulnerability in Patient file letter functions that can result in Write files with malicious content and may lead to remote code execution. This attack appear to be exploitable via User controlled parameters.Show less
CVE-2018-1000634 1Openmicroscopy 1Omero Nov 21, 2024 Aug 20, 2018 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains an Improper Access Control vulnerability in User management that can result in administrative user with privilege restrictions logging in as a...Show more The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains an Improper Access Control vulnerability in User management that can result in administrative user with privilege restrictions logging in as a more powerful administrator. This attack appear to be exploitable via Use user administration privilege to set the password of a more powerful administrator. This vulnerability appears to have been fixed in 5.4.7.Show less
CVE-2018-0428 1Cisco 1Web Security Appliance Nov 21, 2024 Aug 15, 2018 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A vulnerability in the account management subsystem of Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrato...Show more A vulnerability in the account management subsystem of Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. The vulnerability is due to improper implementation of access controls. An attacker could exploit this vulnerability by authenticating to the device as a specific user to gain the information needed to elevate privileges to root in a separate login shell. A successful exploit could allow the attacker to escape the CLI subshell and execute system-level commands on the underlying operating system as root. Cisco Bug IDs: CSCvj93548.Show less
CVE-2018-14836 1Subrion 1Subrion Cms Nov 21, 2024 Aug 2, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Subrion 4.2.1 is vulnerable to Improper Access control because user groups not having access to the Admin panel are able to access it (but not perform actions) if the Guests user group has access to the Admin panel.
CVE-2018-1999032 1Agiletestware 1Pangolin Connector For Testrail Nov 21, 2024 Aug 1, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A data modification vulnerability exists in Jenkins Agiletestware Pangolin Connector for TestRail Plugin 2.1 and earlier in GlobalConfig.java that allows attackers with Overall/Read permission to override this plugin's c...Show more A data modification vulnerability exists in Jenkins Agiletestware Pangolin Connector for TestRail Plugin 2.1 and earlier in GlobalConfig.java that allows attackers with Overall/Read permission to override this plugin's configuration by sending crafted HTTP requests to an unprotected endpoint.Show less
CVE-2018-0613 1Necplatforms 8Calsos Csdj A Firmware Calsos Csdj B FirmwareCalsos Csdj D Firmware+5 more Nov 21, 2024 Jul 26, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.0...Show more NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00) allows remote authenticated attackers to bypass access restriction to conduct arbitrary operations with administrative privilege via unspecified vectors.Show less
CVE-2018-10906 3Debian Fuse ProjectRedhat 5Debian Linux Enterprise Linux DesktopEnterprise Linux Server+2 more Nov 21, 2024 Jul 24, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option rega...Show more In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects.Show less
CVE-2018-0343 1Cisco 12Vbond Orchestrator Vedge 1000 FirmwareVedge 100 Firmware+9 more Nov 21, 2024 Jul 18, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary code with vmanage user privileges or cause a denial of service (...Show more A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary code with vmanage user privileges or cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient access restrictions to the HTTP management interface of the affected solution. An attacker could exploit this vulnerability by sending a malicious HTTP request to the affected management service through an authenticated device. A successful exploit could allow the attacker to execute arbitrary code with vmanage user privileges or stop HTTP services on an affected system. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69976.Show less
CVE-2016-9489 1Zohocorp 1Manageengine Applications Manager Nov 21, 2024 Jul 13, 2018 N/A· v4 8.8 HIGH· v3 4.0 MEDIUM· v2 In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e. changing their group to one with higher privileges like "AD...Show more In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e. changing their group to one with higher privileges like "ADMIN". A user is also able to change properties of another user, e.g. change another user's password.Show less
CVE-2018-0024 1Juniper 1Junos Nov 21, 2024 Jul 11, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system. Affected releases are Juniper Networks Juno...Show more An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D45 on SRX Series; 12.3X48 versions prior to 12.3X48-D20 on SRX Series; 12.3 versions prior to 12.3R11 on EX Series; 14.1X53 versions prior to 14.1X53-D30 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100;; 15.1X49 versions prior to 15.1X49-D20 on SRX Series.Show less
CVE-2018-3682 1Intel 1Bmc Firmware Nov 21, 2024 Jul 10, 2018 N/A· v4 8.2 HIGH· v3 4.6 MEDIUM· v2 BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS.
CVE-2018-9853 1Freesshd 1Freesshd Nov 21, 2024 Jul 10, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of the freesshd.exe process by leveraging the ability to login to an unprivileged account on the server.
CVE-2018-5884 1Qualcomm 12Mdm9206 Firmware Mdm9607 FirmwareMdm9635m Firmware+9 more Nov 21, 2024 Jul 6, 2018 N/A· v4 8.4 HIGH· v3 4.6 MEDIUM· v2 Improper Access Control in Multimedia in Snapdragon Mobile and Snapdragon Wear, Non-standard applications without permission may acquire permission of Qualcomm-specific proprietary intents.
CVE-2018-13405 6Canonical DebianF5+3 more 27Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+24 more Nov 21, 2024 Jul 6, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writab...Show more The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.Show less

Previous 1...126127128...138 Next