CWE-552

Files or Directories Accessible to External Parties

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product makes files or directories accessible to unauthorized actors, even though they should not be.

474 vulnerabilities with CWE-552
CVE-2024-29225 MEDIUM
WRC-X3200GST3-B <1.25 & WRC-G01-W <1.24 - Info Disclosure
CVSS 4.3
CVE-2024-2052 HIGH
Files or Directories Accessible - Info Disclosure
CVSS 7.5
CVE-2024-27894 HIGH
Pulsar Functions Worker - Code Injection
CVSS 8.5
CVE-2024-2364 LOW
Musicshelf 1.0/1.1 - Info Disclosure
CVSS 1.8
CVE-2024-2056 CRITICAL
Artica Proxy - Unauthenticated Arbitrary File Read via Exposed Tailon Service
CVSS 9.8
CVE-2024-2055 CRITICAL
Artica Proxy - Privilege Escalation
CVSS 9.8
CVE-2024-21403 CRITICAL
Microsoft Azure Kubernetes Service - Privilege Escalation
CVSS 9.0
CVE-2024-22240 MEDIUM
Aria Operations for Networks - Info Disclosure
CVSS 4.9
CVE-2024-24161 HIGH
MRCMS 3.0 - Arbitrary File Read via /admin/file/edit.do Path Parameter
CVSS 7.5
CVE-2024-1005 MEDIUM
Shanxi Diankeyun Technology NODERP <6.0.2 - Info Disclosure
CVSS 5.3
CVE-2023-41566 HIGH
OA EKP v16 - Arbitrary File Download via sysUiExtend.do
CVSS 8.1
CVE-2023-29080 HIGH
Revenera InstallShield 2022 R2-2021 R2 - Privilege Escalation
CVE-2023-20039 MEDIUM
Cisco Industrial Network Director < 1.11.3 - Authenticated Sensitive Data Exposure via Insufficient File Permissions
CVSS 5.5
CVE-2023-49198 HIGH
Apache SeaTunnel <1.0.1 - Info Disclosure
CVSS 7.5
CVE-2023-41916 MEDIUM
Apache Linkis <1.4.0 - Info Disclosure
CVSS 6.5
CVE-2023-39480 MEDIUM
Softing Secure Integration Server - RCE
CVSS 6.5
CVE-2023-39479 HIGH
Softing Secure Integration Server - Info Disclosure
CVSS 8.8
CVE-2023-48710 CRITICAL
iTop < 2.7.10 - Unauthenticated Arbitrary File Read via env-production Folder
CVSS 9.8
CVE-2023-45594 MEDIUM
AiLux imx6 <imx6_1.0.7-2 - Files or Directories Accessible to Exter...
CVSS 6.8
CVE-2023-4550 HIGH
OpenText AppBuilder <23.2 - Info Disclosure
CVSS 7.5
CVE-2023-47202 HIGH
Trend Micro Apex One - Privilege Escalation
CVSS 7.8
CVE-2023-52112 MEDIUM
Wallpaper Service Module - Info Disclosure
CVSS 5.3
CVE-2023-6266 HIGH
WordPress Backup Migration <1.3.6 - Info Disclosure
CVSS 7.5
CVE-2023-6114 HIGH
Duplicator <1.5.7.1-4.5.14.2 - Info Disclosure
CVSS 7.5
CVE-2023-48661 MEDIUM
Dell vApp Manager <9.2.4 - Info Disclosure
CVSS 4.9
Details
Vulnerabilities 474
Links
MITRE CWE Entry Search this CWE With Exploits