CVE-2023-28062

HIGH Year: 2023
CVSS v3 Score
8.8
High
Weakness Type
CWE-648
View all →

Vulnerability Description

Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions.

Related Vulnerabilities

CVE-2022-20956

HIGH
CVSS:8.8(High)

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access system files. This vulner...

CWE-6482022

CVE-2024-37018

CRITICAL
CVSS:9.1(Critical)

The OpenDaylight 0.15.3 controller allows topology poisoning via API requests because an application can manipulate the path that is taken by discovery packets.

CWE-6482024

CVE-2022-24821

HIGH
CVSS:8.1(High)

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Simple users can create global SSX/JSX without specific rights: in theory only users with Progr...

CWE-6482022

CVE-2022-4687

HIGH
CVSS:8.1(High)

Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.0.

CWE-6482022

CVE-2022-4796

HIGH
CVSS:8.1(High)

Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1.

CWE-6482022

CVE-2019-1010178

CRITICAL
CVSS:9.8(Critical)

Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The at...

CWE-6482019