CWE-281

Improper Preservation of Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

321 vulnerabilities with CWE-281
CVE-2024-22402 MEDIUM
Nextcloud - Permissions Bypass
CVSS 5.4
CVE-2024-22401 MEDIUM
Nextcloud Guests <2.4.1-3.0.1 - Privilege Escalation
CVSS 4.1
CVE-2023-32199 MEDIUM
Rancher Manager - Privilege Escalation
CVSS 4.3
CVE-2023-42231 HIGH
Zucchetti HelpdeskAdvanced <= 11.0.33 - Incorrect Access Control
CVSS 8.1
CVE-2023-42228 HIGH
Zucchetti HelpdeskAdvanced <= 11.0.33 - Incorrect Access Control
CVSS 8.8
CVE-2023-42867 HIGH
GarageBand <10.4.9 - Privilege Escalation
CVSS 7.8
CVE-2023-25646 HIGH
ZTE H388X - Privilege Escalation
CVSS 7.1
CVE-2023-52542 MEDIUM
System Module - DoS
CVSS 6.5
CVE-2023-49932 MEDIUM
Couchbase Server <7.2.4 - Auth Bypass
CVSS 5.4
CVE-2023-52373 HIGH
Content Sharing Pop-up - Info Disclosure
CVSS 7.5
CVE-2023-6186 HIGH
LibreOffice - RCE
CVSS 8.3
CVE-2023-47463 CRITICAL
GL.iNet AX1800 <4.5.0 - RCE
CVSS 9.8
CVE-2023-6239 MEDIUM
M-Files Server <23.11.13168.7 - Privilege Escalation
CVSS 5.4
CVE-2023-48240 CRITICAL
Xwiki < 14.10.15 - SSRF
CVSS 9.0
CVE-2023-43612 HIGH
OpenHarmony <3.2.2 - Info Disclosure
CVSS 8.4
CVE-2023-4996 MEDIUM
Netskope NSClient <100 - Privilege Escalation
CVSS 6.6
CVE-2023-39902 HIGH
NXP Uboot Secondary Program Loader < 2023.07 - Privilege Escalation
CVSS 7.0
CVE-2023-45807 MEDIUM
OpenSearch - Privilege Escalation
CVSS 5.4
CVE-2023-30735 MEDIUM
SAssistant <8.7 - Info Disclosure
CVSS 5.1
CVE-2023-41939 HIGH
Jenkins SSH2 Easy Plugin <1.4 - Privilege Escalation
CVSS 8.8
CVE-2023-31926 HIGH
Brocade Fabric OS <9.1.1c, 9.2.0 - Code Injection
CVSS 7.1
CVE-2023-1386 LOW
QEMU - Privilege Escalation
CVSS 3.3
CVE-2023-34034 CRITICAL
Spring Security - SSRF
CVSS 9.1
CVE-2023-21249 MEDIUM
OneTimePermissionUserManager - Privilege Escalation
CVSS 5.5
CVE-2023-35938 MEDIUM
Tuleap <14.9.99.63 - Privilege Escalation
CVSS 4.1
Details
Vulnerabilities 321
Links
MITRE CWE Entry Search this CWE With Exploits