CVE-2024-22068

MEDIUM Year: 2024
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-269
View all →

Vulnerability Description

Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series: V4.00.10 and earlier.

Related Vulnerabilities

CVE-2013-2625

MEDIUM
CVSS:6.5(Medium)

An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking ...

CWE-2692013

CVE-2015-5071

MEDIUM
CVSS:6.5(Medium)

AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary files via the __report parameter of t...

CWE-2692015

CVE-2015-5072

MEDIUM
CVSS:6.5(Medium)

The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the __imageid pa...

CWE-2692015

CVE-2016-0767

MEDIUM
CVSS:6.5(Medium)

PostgreSQL PL/Java before 1.5.0 allows remote authenticated users with USAGE permission on the public schema to alter the public schema classpath.

CWE-2692016

CVE-2016-11011

MEDIUM
CVSS:6.5(Medium)

The wp-invoice plugin before 4.1.1 for WordPress has wpi_update_user_option privilege escalation.

CWE-2692016

CVE-2016-2192

MEDIUM
CVSS:6.5(Medium)

PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to alter type mappings for types they do not own.

CWE-2692016