CWE-277

Insecure Inherited Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

A product defines a set of insecure permissions that are inherited by objects that are created by the program.

70 vulnerabilities with CWE-277
CVE-2024-25561 MEDIUM
Intel(R) HID Event Filter <2.2.2.1 - Privilege Escalation
CVSS 6.7
CVE-2024-23908 MEDIUM
Flexlm License Daemons For Intel Fpga < 11.19.5.0 - Incorrect Permission Assignment
CVSS 6.7
CVE-2024-7143 HIGH
Pulp - Insecure Inherited Permissions via AutoAddObjPermsMixin
CVSS 8.3
CVE-2024-36542 HIGH
kuma 2.7.0 - Insecure Inherited Permissions
CVSS 8.8
CVE-2024-36540 CRITICAL
external-secrets <0.9.16 - Privilege Escalation
CVSS 9.8
CVE-2024-36539 CRITICAL
Contour <1.28.3 - Privilege Escalation
CVSS 9.8
CVE-2024-34329 HIGH
Entrust Datacard XPS Card Printer Driver <8.5 - RCE
CVSS 8.4
CVE-2024-41601 HIGH
lin-CMS <= 0.2.0 - Information Disclosure via UserController Login Method
CVSS 7.5
CVE-2024-39877 HIGH
Apache Airflow 2.4.0-2.9.2 - Authenticated Remote Code Execution via doc_md Parameter
CVSS 8.8
CVE-2024-6605 HIGH
Firefox <128 - Privilege Escalation
CVSS 8.8
CVE-2024-36691 MEDIUM
PPGo_Jobs <2.8.0 - Privilege Escalation
CVSS 6.3
CVE-2024-27848 HIGH
macOS Sonoma <14.5 - Privilege Escalation
CVSS 7.8
CVE-2024-21835 MEDIUM
Intel Extreme Tuning Utility < 7.14.0.15 - Authenticated Privilege Escalation via Insecure Inherited Permissions
CVSS 6.7
CVE-2024-27847 MEDIUM
iPadOS < 16.7.8 - Privacy Preferences Bypass
CVSS 5.5
CVE-2024-27834 MEDIUM
Safari < 17.5 - Pointer Authentication Bypass via Insecure Inherited Permissions
CVSS 5.5
CVE-2024-27825 HIGH
macOS Sonoma 14.5 - Privilege Escalation
CVSS 7.1
CVE-2024-27822 HIGH
macOS Sonoma <14.5 - Privilege Escalation
CVSS 7.8
CVE-2024-29417 HIGH
e-trust Horacius <1.2 - Privilege Escalation
CVSS 8.4
CVE-2024-23233 HIGH
macOS Sonoma <14.4 - Info Disclosure
CVSS 7.8
CVE-2023-28207 MEDIUM
macOS < 11.7.5 - Unprotected User Data Exposure via Plugin Permission Inheritance
CVSS 5.5
CVE-2023-45736 MEDIUM
Intel(R) Power Gadget - Privilege Escalation
CVSS 6.7
CVE-2023-33870 MEDIUM
Intel(R) Ethernet - Privilege Escalation
CVSS 6.7
CVE-2023-38541 MEDIUM
Intel HID Event Filter <2.2.2.1 - Privilege Escalation
CVSS 6.7
CVE-2023-29065 MEDIUM
FACSChorus - Unprotected Database Access via Inherited User Privileges
CVSS 4.1
CVE-2023-39230 MEDIUM
Intel Rapid Storage Technology <16.8.5.1014.9 - Privilege Escalation
CVSS 6.7
Details
Vulnerabilities 70
Links
MITRE CWE Entry Search this CWE With Exploits