Starwindsoftware Command Center vulnerabilities

CVE-2021-4034 [HIGH] CWE-787 CVE-2021-4034: A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec applicat A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variabl

CVE-2022-23858 [HIGH] CVE-2022-23858: A flaw was found in the REST API. An improperly handled REST API call could allow any logged user to A flaw was found in the REST API. An improperly handled REST API call could allow any logged user to elevate privileges up to the system account. This affects StarWind Command Center build 6003 v2.

CVE-2019-20807 [MEDIUM] CWE-78 CVE-2019-20807: In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS comma In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).