Lucene search
K

977 matches found

Prion
Prion
added 2013/12/02 10:55 p.m.16 views

Design/Logic Flaw

The RBAC implementation in Cisco Secure Access Control System ACS does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the user database, aka Bug...

4CVSS6AI score0.00947EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/12/02 10:0 p.m.24 views

CVE-2013-6695

The RBAC implementation in Cisco Secure Access Control System ACS does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the user database, aka Bug...

5.6AI score0.00947EPSS
Exploits0References1
Prion
Prion
added 2013/07/06 1:57 p.m.22 views

Design/Logic Flaw

The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, when RBAC is enabled, allows remote authenticated users to bypass intended file-ownership restrictions, and read or overwrite arbitrary files, via unspecified vectors...

8.5CVSS6.5AI score0.02961EPSS
Exploits0References9Affected Software2
CVE
CVE
added 2013/07/06 10:0 a.m.85 views

CVE-2013-3005

CVE-2013-3005 affects the IBM AIX 6.1 and 7.1 TFTP client (and VIOS 2.2.2.2-FP-26 SP-02) where, with RBAC enabled, remote authenticated users can bypass file ownership restrictions and read or overwrite arbitrary files via tftp. Connected advisories document this as a client-side TFTP RBAC bypass...

8.5CVSS6AI score0.02961EPSS
Exploits0References9Affected Software2
NVD
NVD
added 2013/04/17 12:14 p.m.18 views

CVE-2013-0411

Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via vectors related to RBAC Configuration...

5.9CVSS5.5AI score0.0031EPSS
Exploits0References3
Prion
Prion
added 2013/04/17 12:14 p.m.17 views

Default configuration

Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via vectors related to RBAC Configuration...

5.9CVSS5.9AI score0.0031EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2013/04/17 5:4 a.m.19 views

CVE-2013-0411

Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via vectors related to RBAC Configuration...

5.5AI score0.0031EPSS
Exploits0References3
CVE
CVE
added 2013/04/17 5:4 a.m.49 views

CVE-2013-0411

CVE-2013-0411 concerns an unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 related to the RBAC Configuration. The connected records indicate the subcomponent involved is RBAC Configuration and describe impact to confidentiality, integrity, and availability via local access. Affected v...

5.9CVSS5.6AI score0.0031EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/02/18 12:0 a.m.23 views

Solaris 10 (x86) : 148028-03 (deprecated)

Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: RBAC Configuration. Supported versions that are affected are 8, 9 and 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional, multiple logins to components...

5.9CVSS6.2AI score0.0037EPSS
Exploits0References3
Cisco
Cisco
added 2012/11/07 4:15 p.m.25 views

Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability

Cisco Secure Access Control System ACS contains a vulnerability that could allow an unauthenticated, remote attacker to bypass TACACS+ based authentication services offered by the affected application. The vulnerability is due to improper validation of user-supplied input processed by the affecte...

5CVSS6.9AI score0.02452EPSS
Exploits0References1
Prion
Prion
added 2012/10/20 10:41 a.m.24 views

Design/Logic Flaw

The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file...

6.8CVSS6.7AI score0.01617EPSS
Exploits0References8Affected Software2
Cvelist
Cvelist
added 2012/10/20 10:0 a.m.20 views

CVE-2012-4845

The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file...

6AI score0.01617EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2011/11/02 12:0 a.m.19 views

Solaris 9 (sparc) : 115336-06

Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: RBAC Configuration. Supported versions that are affected are 8, 9 and 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional, multiple logins to components...

5.9CVSS5.8AI score0.0031EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/10/31 12:0 a.m.23 views

Solaris 9 (x86) : 115337-05

Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: RBAC Configuration. Supported versions that are affected are 8, 9 and 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional, multiple logins to components...

5.9CVSS5.8AI score0.0031EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/10/14 12:0 a.m.35 views

HP-UX Update for Role-Based Access Control (RBAC) HPSBUX02457

Check for the Version of Role-Based Access Control RBAC OpenVAS Vulnerability Test HP-UX Update for Role-Based Access Control RBAC HPSBUX02457 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

7.2CVSS0.4AI score0.00539EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/09/28 12:0 a.m.31 views

HP-UX PHCO_40131 : HP-UX Running Role-Based Access Control (RBAC), Local Unauthorized Access (HPSBUX02457 SSRT090174 rev.1)

s700800 11.31 rbac cumulative patch : A potential security vulnerability has been identified with HP-UX running Role-Based Access Control RBAC. The vulnerability could be exploited locally to gain unauthorized access. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

7.2CVSS5.3AI score0.00539EPSS
Exploits0References2
NVD
NVD
added 2009/09/24 6:30 p.m.25 views

CVE-2009-2682

Unspecified vulnerability in Role-Based Access Control RBAC in HP HP-UX B.11.23 and B.11.31 allows local users to bypass intended access restrictions via unknown vectors...

7.2CVSS6.1AI score0.00539EPSS
Exploits0References5
Prion
Prion
added 2009/09/24 6:30 p.m.23 views

Code injection

Multiple unspecified vulnerabilities in the 1 iscsiadm and 2 iscsitadm programs in Sun Solaris 10, and OpenSolaris snv28 through snv109, allow local users with certain RBAC execution profiles to gain privileges via unknown vectors related to the libima library...

7.2CVSS7.4AI score0.00422EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2009/09/24 6:30 p.m.23 views

CVE-2009-3390

Multiple unspecified vulnerabilities in the 1 iscsiadm and 2 iscsitadm programs in Sun Solaris 10, and OpenSolaris snv28 through snv109, allow local users with certain RBAC execution profiles to gain privileges via unknown vectors related to the libima library...

7.2CVSS6.8AI score0.00422EPSS
Exploits0References2
CVE
CVE
added 2009/09/24 6:0 p.m.58 views

CVE-2009-2682

CVE-2009-2682 describes an unspecified local vulnerability in HP-UX RBAC that could let a local user bypass access restrictions on HP-UX B.11.23 and B.11.31. Related OpenVAS/NVD entries confirm HP-UX RBAC components (RBAC-CONF, RBAC-RUN, RBAC-WEB) as affected, with the HP Security Bulletin HPSBUX...

7.2CVSS6AI score0.00539EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder