Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-264 (权限、特权和访问控制) — Vulnerability Class 277

277 vulnerabilities classified as CWE-264 (权限、特权和访问控制). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-28497 Arista Networks MOS 安全漏洞 — Metamako Operating System 4.4 Medium2021-09-09
CVE-2021-27851 Local privilege escalation in GNU Guix via guix-daemon and '--keep-failed' — guix-daemon 7.1 -2021-04-26
CVE-2021-21438 FAQ articles are shown to users without permission — FAQ 3.5 Low2021-03-22
CVE-2021-21437 Config Items are shown to users without permission — OTRSCIsInCustomerFrontend 3.5 Low2021-03-22
CVE-2021-22661 ProSoft Technology ICX-HWC-A 安全漏洞 — ICX35-HWC-A, ICX35-HWC-E 7.5 -2021-02-26
CVE-2019-18945 privilege escalation — Solutions Business Manager 7.3 High2021-02-26
CVE-2021-21436 Agent is able to link customer's Config Items without permission — OTRSCIsInCustomerFrontend 3.5 Low2021-02-08
CVE-2021-1258 Cisco AnyConnect Secure Mobility Client Arbitrary File Read Vulnerability — Cisco AnyConnect Secure Mobility Client 5.5 Medium2021-01-13
CVE-2020-13922 Apache DolphinScheduler (incubating) Permission vulnerability — Apache DolphinScheduler 6.5 -2021-01-11
CVE-2020-3426 Cisco IOS Software for Cisco Industrial Routers Virtual-LPWA Unauthorized Access Vulnerability — Cisco IOS 15.2(6)E4 7.5 High2020-09-24
CVE-2019-16017 Cisco Unified Customer Voice Portal Insecure Direct Object Reference Vulnerability — Cisco Unified Customer Voice Portal (CVP) 4.9 -2020-09-23
CVE-2020-3473 Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerability — Cisco IOS XR Software 7.8 -2020-09-04
CVE-2020-3530 Cisco IOS XR Authenticated User Privilege Escalation Vulnerability — Cisco IOS XR Software 8.4 High2020-09-04
CVE-2020-3443 Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability — Cisco Smart Software Manager On-Prem 8.8 High2020-08-26
CVE-2020-3485 Cisco Vision Dynamic Signage Director Role-Based Access Control Vulnerability — Cisco Vision Dynamic Signage Director 6.3 Medium2020-08-26
CVE-2020-7352 GOG Galaxy GalaxyClientService Privilege Escalation — GOG GalaxyClientService 8.4 High2020-08-06
CVE-2020-11933 local snapd exploit through cloud-init — snapd 7.3 High2020-07-29
CVE-2020-12028 Rockwell Automation FactoryTalk View SE — FactoryTalk View SE 7.3 High2020-07-20
CVE-2020-3379 Cisco SD-WAN Solution Software Privilege Escalation Vulnerability — Cisco SD-WAN Solution 7.8 -2020-07-16
CVE-2020-3180 Cisco SD-WAN Solution Software Static Credentials Vulnerability — Cisco SD-WAN vManage 7.8 -2020-07-16
CVE-2020-3229 Cisco IOS XE Software Web UI Privilege Escalation Vulnerability — Cisco IOS XE Software 16.2.2 8.8 -2020-06-03
CVE-2020-3227 Cisco IOx for IOS XE Software Privilege Escalation Vulnerability — Cisco IOS XE Software 16.3.1 9.8 -2020-06-03
CVE-2020-3215 Cisco IOS XE Software Privilege Escalation Vulnerability — Cisco IOS XE Software 3.8.0S 6.7 -2020-06-03
CVE-2020-3214 Cisco IOS XE Software Privilege Escalation Vulnerability — Cisco IOS XE Software 16.11.1 6.7 -2020-06-03
CVE-2020-3213 Cisco IOS XE Software Privilege Escalation Vulnerability — Cisco IOS XE Software 3.8.0S 6.7 -2020-06-03
CVE-2020-3208 Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Image Verification Bypass Vulnerability — Cisco IOS 12.2(60)EZ16 6.7 -2020-06-03
CVE-2019-19100 Privilege escalation via B&R Automation Studio upgrade service — Automation Studio 7.5 High2020-04-29
CVE-2020-8489 ABB System 800xA Inter process communication vulnerability - 800xA Information Management — 800xA Information Management 7.8 High2020-04-29
CVE-2020-8488 ABB System 800xA Inter process communication vulnerability - 800xA Batch Management — 800xA Batch Management 7.8 High2020-04-29
CVE-2020-8487 ABB System 800xA Inter process communication vulnerability - System 800xA Base — System 800xA Base 6.6 Medium2020-04-29

Vulnerabilities classified as CWE-264 (权限、特权和访问控制) represent 277 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.