95 matches found
UBUNTU-CVE-2023-45807
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021. There is an issue with the implementation of tenant permissions in OpenSearch Dashboards where authenticated users with read-only access to a tenant can perform create, edit...
CVE-2023-20136
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...
CVE-2023-20136
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...
CVE-2023-31445
Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users...
CVE-2023-31445
Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users...
JetBrains YouTrack 安全漏洞
JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. The software features error tracking, creating workflows and monitoring project progress.An elevation of privilege vulnerability exists in versions prior to JetBrains YouTrack...
How to create read-only users on xenserver
Create read-only users on xenserver...
CVE-2019-18181
In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users with read-only...
How To Configure RADIUS and TACACS servers for read-only and admin users in SD-WAN
...
PT-2019-4929 · Ceph +3 · Ceph +3
Name of the Vulnerable Software and Affected Versions: Ceph versions prior to 13.2.4 Description: The issue is related to an authorization procedure error in the Ceph storage system. This error can be exploited by a remote attacker to gain unauthorized access to dm-crypt encryption keys used in...
CVE-2014-7823
The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIRDOMAINXMLMIGRATABLE flag, which triggers the use of the VIRDOMAINXMLSECURE flag...
CVE-2014-7823
The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIRDOMAINXMLMIGRATABLE flag, which triggers the use of the VIRDOMAINXMLSECURE flag...
CVE-2007-2760
The canUpdate function in model/MRole.java in Adempiere before 3.1.6 does not properly validate user roles, which allows remote authenticated read-only users to gain read-write privileges. NOTE: some of these details are obtained from third party information...
Information disclosure
The canUpdate function in model/MRole.java in Adempiere before 3.1.6 does not properly validate user roles, which allows remote authenticated read-only users to gain read-write privileges. NOTE: some of these details are obtained from third party information...
[VulnWatch] Cisco Security Advisory: Cisco Call Manager Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Call Manager Privilege Escalation Advisory ID: cisco-sa-20060118-ccmpe http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmpe.shtml Revision 1.0 ============ For Public Release 2006 January 18 1600 UTC GMT -...