CVE-2024-1898

LOW Year: 2024
CVSS v3 Score
3.9
Low
Weakness Type
CWE-284
View all →

Vulnerability Description

Improper access control in the notification feature in Devolutions Server 2023.3.14.0 and earlier allows a low privileged user to change notifications settings configured by an administrator.

Related Vulnerabilities

CVE-2017-18384

LOW
CVSS:3.8(Low)

cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310).

CWE-2842017

CVE-2018-15398

MEDIUM
CVSS:4.0(Medium)

A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker t...

CWE-2842018

CVE-2019-10187

MEDIUM
CVSS:4.0(Medium)

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct acces...

CWE-2842019

CVE-2019-10188

MEDIUM
CVSS:4.0(Medium)

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in a quiz group could modify group overrides for other groups in the same quiz.

CWE-2842019

CVE-2019-10189

MEDIUM
CVSS:4.0(Medium)

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment.

CWE-2842019

CVE-2022-38388

MEDIUM
CVSS:4.0(Medium)

IBM Navigator Mobile Android 3.4.1.1 and 3.4.1.2 app could allow a local user to obtain sensitive information due to improper access control. IBM X-Force ID: 233968.

CWE-2842022