CVE-2023-45083

MEDIUM Year: 2023
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-269
View all →

Vulnerability Description

An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane. An authenticated admin-level user may be able to delete the "admin" or "serveradmin" users, which prevents authentication from subsequently succeeding. This issue affects HyperCloud versions 1.0 to any release before 2.1.

Related Vulnerabilities

CVE-2018-12261

MEDIUM
CVSS:4.4(Medium)

An issue was discovered on Momentum Axel 720P 5.1.8 devices. All processes run as root.

CWE-2692018

CVE-2018-1368

MEDIUM
CVSS:4.4(Medium)

IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 could allow a local user with low privileges to view report pages and perform some actions that only an admin should be performing, so...

CWE-2692018

CVE-2021-23880

MEDIUM
CVSS:4.4(Medium)

Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of th...

CWE-2692021

CVE-2021-23882

MEDIUM
CVSS:4.4(Medium)

Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by pl...

CWE-2692021

CVE-2021-31581

MEDIUM
CVSS:4.4(Medium)

The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which...

CWE-2692021

CVE-2022-27840

MEDIUM
CVSS:4.4(Medium)

Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission.

CWE-2692022