CVE-2021-22048

The vCenter Server contains a privilege escalation vulnerability in the IWA Integrated Windows Authentication authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group...

CVE-2025-36361 IBM App Connect Enterprise runtime is vulnerable to a lack of authorization on windows environments using IWA

IBM App Connect Enterprise 13.0.1.0 through 13.0.4.2, and 12.0.1.0 through 12.0.12.17 could allow an authenticated user to perform unauthorized actions on customer defined resources due to missing authorization...

EUVD-2012-0765

Malware in sbrugna...

Vulnerability fixed in VMware vCenter and Cloud Foundation

VMware has fixed a vulnerability in vCenter Server and Cloud Foundation. An authenticated malicious party could, by exploiting this vulnerability obtain elevated privileges on the vulnerable system. The vulnerability is located in the Integrated Windows Authentication IWA authentication mechanism...

CVE-2021-22048

The vCenter Server contains a privilege escalation vulnerability in the IWA Integrated Windows Authentication authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group...

VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)

3. VMware vCenter Server IWA privilege escalation vulnerability CVE-2021-22048 The vCenter Server contains a privilege escalation vulnerability in the IWA Integrated Windows Authentication authentication mechanism. VMware has evaluated the severity of this issue to be in the Important severity...

PT-2021-4966

Name of the Vulnerable Software and Affected Versions VMware vCenter Server versions affected versions not specified VMware Cloud Foundation versions affected versions not specified Description The issue is related to a privilege escalation vulnerability in the IWA Integrated Windows Authenticati...

CVE-2012-0733

IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1, when Integrated Windows authentication is used, allows remote authenticated users to obtain administrative privileges by hijacking a session associated with the service account...

Ingres用户认证非授权访问漏洞

BUGTRAQ ID: 26959 CVECAN ID: CVE-2007-6334 Ingres是很多CA产品默认所使用的数据库后端。 Windows平台上的Ingres数据库为之后连接的用户分配了与第一个连接用户相同的权限和身份，这允许远程攻击者获得非授权访问。仅在运行于Microsoft IIS Web服务器上且启用了集成Windows认证（IWA）选项的情况下才会出现这个漏洞。 Ingres Corporation Ingres Database 2.6 Ingres Corporation Ingres Database 2.5 厂商补丁： Ingres Corporation...