CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2024-24912 MEDIUM
Harmony Endpoint Security Client <E88.10 - Privilege Escalation
CVSS 6.7
CVE-2024-33435 CRITICAL
Ncast Yingshi <2017 - RCE
CVSS 9.8
CVE-2024-3375 CRITICAL
Havelsan Inc. Dialogue <1.83.1-1.84 - Privilege Escalation
CVSS 9.4
CVE-2024-2905 MEDIUM
rpm-ostree - Info Disclosure
CVSS 6.2
CVE-2024-32478 MEDIUM
Git Credential Manager <2.5.0 - Privilege Escalation
CVSS 6.9
CVE-2024-29964 MEDIUM
Brocade SANnav <2.3.0a - Info Disclosure
CVSS 5.7
CVE-2024-24910 HIGH
Check Point ZoneAlarm ExtremeSecurity - Privilege Escalation
CVSS 7.3
CVE-2024-21063 MEDIUM
Oracle Peoplesoft Enterprise Hcm Bene... - Incorrect Permission Assignment
CVSS 6.1
CVE-2024-22334 MEDIUM
IBM UrbanCode Deploy <7.3.2.4 - Privilege Escalation
CVSS 4.4
CVE-2024-25646 HIGH
SAP Businessobjects Web Intelligence - Incorrect Permission Assignment
CVSS 7.7
CVE-2024-30413 HIGH
Huawei Emui - Incorrect Permission Assignment
CVSS 7.5
CVE-2024-3250 MEDIUM
Canonical Pebble < 1.4.1 - Incorrect Permission Assignment
CVSS 6.5
CVE-2024-28589 MEDIUM
Axigen Mail Server <10.5.18 - RCE
CVSS 6.7
CVE-2024-25956 MEDIUM
Dell Grab < 5.0.5 - Incorrect Permission Assignment
CVSS 5.5
CVE-2024-29187 HIGH
WiX toolset <4.0.5 - Privilege Escalation
CVSS 7.3
CVE-2024-28745 LOW
ABEMA App <10.65.0 - SSRF
CVSS 3.3
CVE-2024-21431 HIGH
Microsoft Windows 10 21h2 - Incorrect Permission Assignment
CVSS 7.8
CVE-2024-28163 MEDIUM
SAP Netweaver Process Integration - Incorrect Permission Assignment
CVSS 5.3
CVE-2024-25645 MEDIUM
SAP Netweaver Enterprise Portal - Incorrect Permission Assignment
CVSS 5.3
CVE-2024-25644 MEDIUM
SAP Netweaver - Incorrect Permission Assignment
CVSS 5.3
CVE-2024-27294 HIGH
dp-golang <1.2.7 - Privilege Escalation
CVSS 7.3
CVE-2024-0019 MEDIUM
Google Android - Incorrect Permission Assignment
CVSS 5.0
CVE-2024-21915 CRITICAL
Rockwellautomation Factorytalk Servic... - Incorrect Permission Assignment
CVSS 9.0
CVE-2024-24740 MEDIUM
SAP NetWeaver Application Server - Info Disclosure
CVSS 5.3
CVE-2024-22016 HIGH
Rapid SCADA <5.8.4 - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits