CVE-2024-7480

MEDIUM Year: 2024
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-269
View all →

Vulnerability Description

An Improper access control vulnerability was found in Avaya Aura System Manager which could allow a command-line interface (CLI) user with administrative privileges to read arbitrary files on the system. Affected versions include 10.1.x.x and 10.2.x.x. Versions prior to 10.1 are end of manufacturer support.

Related Vulnerabilities

CVE-2018-12261

MEDIUM
CVSS:4.4(Medium)

An issue was discovered on Momentum Axel 720P 5.1.8 devices. All processes run as root.

CWE-2692018

CVE-2018-1368

MEDIUM
CVSS:4.4(Medium)

IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 could allow a local user with low privileges to view report pages and perform some actions that only an admin should be performing, so...

CWE-2692018

CVE-2021-23880

MEDIUM
CVSS:4.4(Medium)

Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of th...

CWE-2692021

CVE-2021-23882

MEDIUM
CVSS:4.4(Medium)

Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by pl...

CWE-2692021

CVE-2021-31581

MEDIUM
CVSS:4.4(Medium)

The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which...

CWE-2692021

CVE-2022-27840

MEDIUM
CVSS:4.4(Medium)

Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission.

CWE-2692022