Show filters
26 Total Results
Displaying 11-20 of 26
Sort by:
Attacker Value
Unknown

CVE-2024-21330

Disclosure Date: March 12, 2024 (last updated January 12, 2025)
Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-3899

Disclosure Date: August 23, 2023 (last updated April 25, 2024)
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged local user could tamper with the state of the registration, by unregistering the system or by changing the current entitlements. This flaw allows an attacker to set arbitrary configuration directives for /etc/rhsm/rhsm.conf, which can be abused to cause a local privilege escalation to an unconfined root.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-29149

Disclosure Date: June 15, 2022 (last updated November 29, 2024)
Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
0
0
Attacker Value
Unknown

CVE-2021-40376

Disclosure Date: March 10, 2022 (last updated October 07, 2023)
otris Update Manager 1.2.1.0 allows local users to achieve SYSTEM access via unauthenticated calls to exposed interfaces over a .NET named pipe. A remote attack may be possible as well, by leveraging WsHTTPBinding for HTTP traffic on TCP port 9000.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-22278

Disclosure Date: October 19, 2021 (last updated November 28, 2024)
A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed.
Attack Vector: LocalPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-38649

Disclosure Date: September 15, 2021 (last updated November 28, 2024)
Open Management Infrastructure Elevation of Privilege Vulnerability
0
0
Attacker Value
Unknown

CVE-2021-38645

Disclosure Date: September 15, 2021 (last updated November 28, 2024)
Open Management Infrastructure Elevation of Privilege Vulnerability
0
0
Attacker Value
Unknown

CVE-2020-7136

Disclosure Date: April 30, 2020 (last updated November 27, 2024)
A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP).
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-11987

Disclosure Date: June 05, 2019 (last updated November 27, 2024)
A security vulnerability in HPE Smart Update Manager (SUM) prior to v8.4 could allow local unauthorized elevation of privilege.
0
0
Attacker Value
Unknown

CVE-2019-11988

Disclosure Date: June 05, 2019 (last updated November 27, 2024)
A Remote Unauthorized Access vulnerability was identified in HPE Smart Update Manager (SUM) earlier than version 8.3.5.
0
0
View More Topics  < Previous  Next >