4 matches found
CVE-2024-0356
A vulnerability has been found in Mandelo ssmshiroblog 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file updateRoles of the component Backend. The manipulation leads to improper access controls. The exploit has been disclosed to the public a...
PT-2024-15491 · Unknown · Mandelo Ssm Shiro Blog
Name of the Vulnerable Software and Affected Versions: Mandelo ssm shiro blog version 1.0
Description: A vulnerability has been found in the file updateRoles of the component Backend, leading to improper access controls. The manipulation of this vulnerability can be used to exploit the issue...
CVE-2020-3329
A vulnerability in role-based access control of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system. The vulnerability is due to...
CVE-2013-2143
The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the updateroles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account...