10 matches found
CVE-2025-37155
CVE-2025-37155 describes an improper access-control flaw in the SSH restricted shell interface of network management services. The vulnerability could allow an attacker with authenticated read-only privileges to escalate to administrator access on affected systems. Documented in multiple sources,...
EUVD-2020-19673
Malware in sbrugna...
CVE-2025-37101
A potential security vulnerability has been identified in HPE OneView for VMware vCenter OV4VC. This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation operator can perform admin actions...
CVE-2025-37101 HPE OneView for VMware vCenter (OV4VC), Local Elevation of Privilege
A potential security vulnerability has been identified in HPE OneView for VMware vCenter OV4VC. This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation operator can perform admin actions...
CVE-2025-37101 HPE OneView for VMware vCenter (OV4VC), Local Elevation of Privilege
A potential security vulnerability has been identified in HPE OneView for VMware vCenter OV4VC. This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation operator can perform admin actions...
CVE-2020-27149
By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version 1.5, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration changed...
Vulnerabilities fixed in Fortinet FortiSandbox
Fortinet has fixed vulnerabilities in FortiSandbox. The vulnerability with reference CVE-2024-45328 includes improper authorization that allows low-privileged administrators to execute elevated CLI commands through the GUI console. In addition, there is an SQL injection vulnerability with attribu...
CVE-2020-27149
By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version 1.5, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration changed...
Cisco Integrated Management Controller Elevation of Privilege Vulnerability
Cisco Integrated Management Controller IMC is a set of software from the American company Cisco Cisco for the management of UCS Unified Computing System. The software supports HTTP, SSH access, etc., and can perform operations such as powering on, powering off and rebooting the server. An elevati...
Design/Logic Flaw
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804...