CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2023-6883 MEDIUM
Easysocialfeed Easy Social Feed - Incorrect Permission Assignment
CVSS 4.3
CVE-2023-6506 MEDIUM
WP 2FA - Insecure Direct Object Reference
CVSS 4.3
CVE-2023-44120 HIGH
Spectrum Power 7 <V23Q4 - Privilege Escalation
CVSS 7.8
CVE-2023-41776 MEDIUM
ZTE Zxcloud Irai < 7.23.32 - Incorrect Permission Assignment
CVSS 6.7
CVE-2023-7055 MEDIUM
Phpgurukul Online Notes Sharing System - Improper Access Control
CVSS 4.3
CVE-2023-46142 HIGH
PLCnext - Privilege Escalation
CVSS 8.8
CVE-2023-46141 CRITICAL
PHOENIX CONTACT classic - Privilege Escalation
CVSS 9.8
CVE-2023-0757 CRITICAL
Phoenixcontact Multiprog - Incorrect Permission Assignment
CVSS 9.8
CVE-2023-25648 MEDIUM
ZTE Zxcloud Irai < 7.23.21 - Incorrect Permission Assignment
CVSS 6.5
CVE-2023-6593 CRITICAL
Drm 2023.3.4.0- - Privilege Escalation
CVSS 9.8
CVE-2023-49580 HIGH
SAP Graphical User Interface - Incorrect Permission Assignment
CVSS 7.3
CVE-2023-49578 LOW
SAP Cloud Connector - Incorrect Permission Assignment
CVSS 3.5
CVE-2023-42924 MEDIUM
Apple Macos < 13.6.3 - Incorrect Permission Assignment
CVSS 5.5
CVE-2023-50446 HIGH
Mullvad VPN < 2023.5 - Incorrect Permission Assignment
CVSS 7.8
CVE-2023-49797 HIGH
Pyinstaller < 5.13.1 - Incorrect Permission Assignment
CVSS 8.8
CVE-2023-40302 CRITICAL
Netscout Ngeniuspulse - Incorrect Permission Assignment
CVSS 9.1
CVE-2023-49946 CRITICAL
Forgejo < 1.20.5-1 - Incorrect Permission Assignment
CVSS 9.1
CVE-2023-29065 MEDIUM
FACSChorus - Info Disclosure
CVSS 4.1
CVE-2023-5651 MEDIUM
Thimpress WP Hotel Booking < 2.0.8 - Incorrect Permission Assignment
CVSS 5.4
CVE-2023-6179 HIGH
Honeywell ProWatch <6.0.2 - RCE
CVSS 7.8
CVE-2023-48087 MEDIUM
Xuxueli Xxl-job - Incorrect Permission Assignment
CVSS 5.4
CVE-2023-39230 MEDIUM
Intel Rapid Storage Technology <16.8.5.1014.9 - Privilege Escalation
CVSS 6.7
CVE-2023-34997 MEDIUM
Intel Server Configuration Utility - Incorrect Permission Assignment
CVSS 6.7
CVE-2023-34314 MEDIUM
Intel Simics Simulator < 1.7.2 - Incorrect Permission Assignment
CVSS 6.7
CVE-2023-36633 MEDIUM
FortiMail <7.2.2, >7.0.4 - Auth Bypass
CVSS 5.4
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits