4 matches found
CVE-2025-62730
SOPlanning is vulnerable to Privilege Escalation in user management tab. Users with usermanageteam role are allowed to modify permissions of users. However, they are able to assign administrative permissions to any user including themselves. This allow a malicious authenticated attacker with this...
CVE-2025-62730 Privilege Escalation via Incorrect Authorization in SOPlanning
SOPlanning is vulnerable to Privilege Escalation in user management tab. Users with usermanageteam role are allowed to modify permissions of users. However, they are able to assign administrative permissions to any user including themselves. This allow a malicious authenticated attacker with this...
Improper Authorization in add role function leads to privilege escalation
Description The application improperly performs user authorization, resulting in a user with the user management role being able to modify their own permissions or those of others. Proof of Concept Step1: The highest-level administrator or an administrator with the permission to create roles...
Cisco DNA Center Elevation of Privilege Vulnerability
Cisco DNA Center is the network management and command center for Cisco DNA. An elevation of privilege vulnerability exists in the user management role in Cisco DNA Center versions prior to 2.1.2.0. The vulnerability stems from improper execution of an action on a specified user role. An attacker...