CVE-2023-22326 iControl REST and tmsh vulnerability

In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, and all versions of BIG-IQ 8.x and 7.1.x, incorrect permission assignment vulnerabilities exist in the iControl REST and TMOS shell tmsh dig command which...

CVE-2023-22326

Vulnerability CVE-2023-22326 affects BIG-IP iControl REST and tmsh dig command. An authenticated attacker with resource administrator or administrator privileges can view sensitive information due to incorrect permission assignments in versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1...

CVE-2023-22326 iControl REST and tmsh vulnerability

In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, and all versions of BIG-IQ 8.x and 7.1.x, incorrect permission assignment vulnerabilities exist in the iControl REST and TMOS shell tmsh dig command which...

K83284425: iControl REST and tmsh vulnerability CVE-2023-22326

Security Advisory Description Incorrect permission assignment vulnerabilities exist in the iControl REST and TMOS shell tmsh dig command which may allow an authenticated attacker with resource administrator role privilege to view sensitive information. CVE-2023-22326 Impact An authenticated...

Design/Logic Flaw

A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could cause local privilege escalation when a local attacker modifies the webroot directory. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 -...

CVE-2022-42972

A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could cause local privilege escalation when a local attacker modifies the webroot directory. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 -...

CVE-2022-42972

A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could cause local privilege escalation when a local attacker modifies the webroot directory. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 -...

Security Advisory - Incorrect Privilege Assignment Vulnerability in Huawei Whole-Home Intelligence Software

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions.Vulnerability ID:HWPSIRT-2022-52968 This vulnerability has been assigned a CVE ID: CVE-2022-48...

Security Advisory - Incorrect Privilege Assignment Vulnerability in Huawei Whole-Home Intelligence Software

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions. Vulnerability ID:HWPSIRT-2022-90086 This vulnerability has been assigned a CVE ID:...

CVE-2022-42972

Schneider Electric APC Easy UPS Online Monitoring Software and Schneider Electric Easy UPS Online Monitoring Software (Safe to say the affected products are APC Easy UPS Online Monitoring Software and Schneider Electric Easy UPS Online Monitoring Software) are impacted by CVE-2022-42972, which is...

CVE-2022-4441

Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.9.0 before 04.9.1...

CVE-2022-4441

Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.9.0 before 04.9.1...

CVE-2022-4441 Privilege Escalation Vulnerability in Hitachi Storage Plug-in for VMware vCenter

Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.9.0 before 04.9.1...

CVE-2022-4441

Impact: Hitachi Storage Plug-in for VMware vCenter (versions 04.9.0–04.9.0) is affected by an Incorrect Privilege Assignment vulnerability that allows remote authenticated users to escalate privileges. Root cause: misassignment of privileges within the plugin. Affected product/version: Hitachi St...

CVE-2022-4041

CVE-2022-4041 affects Hitachi Storage Plug-in for VMware vCenter. The vulnerability is an Incorrect Privilege Assignment that allows remote authenticated users to escalate privileges. Affected versions are 04.8.0 through 04.9.0 ; fixed in 04.9.1 and later. Public sources in the provided documents...

Hitachi Storage Plug-in for VMware vCenter 安全漏洞

Hitachi Storage Plug-in for VMware vCenter is a plug-in from Hitachi, Japan. It enables integrated management of Hitachie storage systems in vCenter. A security vulnerability exists in Hitachi Storage Plug-in for VMware vCenter versions 04.8.0 through prior to 04.9.1, which stems from an incorrec...

Improper Access Control

cakephp/cakephp is vulnerable to Improper Access Control. The vulnerability exists due to mass assignment issues when multiple POST requests manipulate the same model allowing an attacker to perform cross form submissions to the SecurityComponent...

PHOENIX CONTACT Emalytics Controller ILC Incorrect Permission Assignment For Critical Resource (CVE-2020-8768)

An issue was discovered on Phoenix Contact Emalytics Controller ILC 2050 BI before 1.2.3 and BI-L before 1.2.3 devices. There is an insecure mechanism for read and write access to the configuration of the device. The mechanism can be discovered by examining a link on the website of the device. Th...

CVE-2018-20104

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none...

The vulnerability of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, related to pointer assignment errors, allows attackers to trigger service interruptions.

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud are related to pointer assignment errors. Exploiting these vulnerabilities can allow attackers to cause service failures...