CVE-2023-42954

MEDIUM Year: 2023
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-250
View all →

Vulnerability Description

A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by reducing the information sent in requests.

Related Vulnerabilities

CVE-2023-30617

MEDIUM
CVSS:6.5(Medium)

Kruise provides automated management of large-scale applications on Kubernetes. Starting in version 0.8.0 and prior to versions 1.3.1, 1.4.1, and 1.5.2, an attacker who has gained root privilege of th...

CWE-2502023

CVE-2024-20478

MEDIUM
CVSS:6.5(Medium)

A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authen...

CWE-2502024

CVE-2024-7041

MEDIUM
CVSS:6.5(Medium)

An Insecure Direct Object Reference (IDOR) vulnerability exists in open-webui/open-webui version v0.3.8. The vulnerability occurs in the API endpoint `http://0.0.0.0:3000/api/v1/memories/{id}/update`,...

CWE-2502024

CVE-2025-0921

MEDIUM
CVSS:6.5(Medium)

Execution with Unnecessary Privileges vulnerability in the Pager agent of multi-agent notification feature in Mitsubishi Electric Iconics Digital Solutions GENESIS64 prior to 10.97.3, Mitsubishi Elect...

CWE-2502025

CVE-2025-22890

MEDIUM
CVSS:6.5(Medium)

Execution with unnecessary privileges issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker performs a specific operation, SYSTEM privilege of the Windows system where...

CWE-2502025

CVE-2019-10143

MEDIUM
CVSS:6.4(Medium)

It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges...

CWE-2502019