CVE-2024-48013

HIGH Year: 2024
CVSS v3 Score
8.8
High
Weakness Type
CWE-250
View all →

Vulnerability Description

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.

Related Vulnerabilities

CVE-2018-10856

HIGH
CVSS:8.8(High)

It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.

CWE-2502018

CVE-2018-5413

HIGH
CVSS:8.8(High)

Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation.

CWE-2502018

CVE-2018-8853

HIGH
CVSS:8.8(High)

Philips Brilliance CT devices operate user functions from within a contained kiosk in a Microsoft Windows operating system. Windows boots by default with elevated Windows privileges, enabling a kiosk ...

CWE-2502018

CVE-2019-10167

HIGH
CVSS:8.8(High)

The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since...

CWE-2502019

CVE-2019-10168

HIGH
CVSS:8.8(High)

The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emul...

CWE-2502019

CVE-2020-14493

HIGH
CVSS:8.8(High)

A low-privilege user may use SQL syntax to write arbitrary files to the OpenClinic GA 5.09.02 and 5.89.05b server, which may allow the execution of arbitrary commands.

CWE-2502020