CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2022-41766 MEDIUM
MediaWiki <1.35.8-1.37.5-1.38.3 - Info Disclosure
CVSS 4.3
CVE-2022-46656 MEDIUM
Intel(R) NUC Pro Software Suite <2.0.0.3 - Privilege Escalation
CVSS 6.7
CVE-2022-41771 MEDIUM
Intel(R) QAT <1.9.0 - Info Disclosure
CVSS 6.5
CVE-2022-41699 HIGH
Intel(R) QAT <1.9.0 - Privilege Escalation
CVSS 8.2
CVE-2022-41658 MEDIUM
Intel VTune <2023.0 - Privilege Escalation
CVSS 6.7
CVE-2022-38103 MEDIUM
Intel(R) NUC Software Studio Service <1.17.38.0 - Privilege Escalation
CVSS 6.7
CVE-2022-43946 HIGH
Fortinet FortiClientWindows <7.0.7 - RCE
CVSS 7.5
CVE-2022-43309 MEDIUM
Supermicro X11SSL-CF - Info Disclosure
CVSS 5.5
CVE-2022-43773 HIGH
Hitachi Vantara Pentaho <9.4.0.1-9.3.0.2 - Info Disclosure
CVSS 8.8
CVE-2022-3146 MEDIUM
Openstack Tripleo Ansible - Path Traversal
CVSS 5.5
CVE-2022-3101 MEDIUM
Openstack Tripleo Ansible - Path Traversal
CVSS 5.5
CVE-2022-25992 HIGH
Intel(R) oneAPI Toolkits oneapi-cli <0.2.0 - Privilege Escalation
CVSS 7.5
CVE-2022-21939 HIGH
Johnson Controls SCT <14.2.3, <15.0.3 - Info Disclosure
CVSS 7.5
CVE-2022-42972 HIGH
Schneider-electric Apc Easy Ups Onlin... - Incorrect Permission Assignment
CVSS 7.8
CVE-2022-44715 HIGH
Netscout Ngeniusone - Incorrect Permission Assignment
CVSS 8.8
CVE-2022-44263 HIGH
Dentsply Sirona Sidexis <= 4.3 - Privilege Escalation
CVSS 7.8
CVE-2022-34457 HIGH
Dell Command|configure < 4.9.0 - Improper Access Control
CVSS 7.3
CVE-2022-48257 MEDIUM
Eternal Terminal - Incorrect Permission Assignment
CVSS 5.3
CVE-2022-39186 MEDIUM
Exfo Bv-10 Firmware - Incorrect Permission Assignment
CVSS 6.2
CVE-2022-47927 MEDIUM
Mediawiki < 1.35.9 - Incorrect Permission Assignment
CVSS 5.5
CVE-2022-4365 MEDIUM
GitLab CE/EE <15.5.7-15.6.4-15.7.2 - Info Disclosure
CVSS 5.5
CVE-2022-4630 MEDIUM
GitHub lirantal/daloradius <master - Info Disclosure
CVSS 5.3
CVE-2022-42949 HIGH
Silverstripe Subsites < 2.6.0 - Incorrect Permission Assignment
CVSS 7.5
CVE-2022-43517 HIGH
Simcenter STAR-CCM+ <V2306 - Privilege Escalation
CVSS 7.8
CVE-2022-23143 MEDIUM
ZTE Otcp Firmware < 2.21.40.06 - Incorrect Permission Assignment
CVSS 6.5
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits