63 matches found
Design/Logic Flaw
BigTree CMS through 4.2.18 does not prevent a user from deleting their own account. This could have security relevance because deletion was supposed to be an admin-only action, and the admin may have other tasks such as data backups to complete before a user is deleted...
EAP: missing authorization check for Monitor/Deployer/Auditor role when shutting down server
It was found that JBoss EAP did not properly authorize a user performing a shut down. A remote user with the Monitor, Deployer, or Auditor role could use this flaw to shut down the EAP server, which is an action restricted to admin users...
Moderate: Red Hat Security Advisory: openstack-neutron security, bug fix, and enhancement update
Updated openstack-neutron packages that fix one security issue, several bugs, and add multiple enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A...