CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2022-40756 HIGH
Actian Psql < 13 - Incorrect Permission Assignment
CVSS 8.8
CVE-2022-23726 MEDIUM
Pingidentity Pingcentral < 1.8.4 - Information Disclosure
CVSS 5.4
CVE-2022-32169 MEDIUM
Bytebase < 1.0.4 - Improper Authorization
CVSS 4.3
CVE-2022-40817 MEDIUM
Zammad 5.2.1 - Info Disclosure
CVSS 4.3
CVE-2022-35250 MEDIUM
Rocket.chat < 5.0 - Incorrect Permission Assignment
CVSS 4.3
CVE-2022-40298 HIGH
Crestron Airmedia - Incorrect Permission Assignment
CVSS 8.8
CVE-2022-28802 CRITICAL
Code by Zapier <2022-08-17 - Privilege Escalation
CVSS 9.9
CVE-2022-2995 HIGH
Kubernetes Cri-o < 1.25.0 - Improper Access Control
CVSS 7.1
CVE-2022-2332 MEDIUM
Honeywell SoftMaster <4.51 - Privilege Escalation
CVSS 6.2
CVE-2022-22330 MEDIUM
IBM Control Desk 7.6.1 - Info Disclosure
CVSS 5.3
CVE-2022-20399 MEDIUM
Android - Info Disclosure
CVSS 5.5
CVE-2022-20398 HIGH
Android - Privilege Escalation
CVSS 7.8
CVE-2022-39207 MEDIUM
Onedev < 7.3.0 - XSS
CVSS 5.4
CVE-2022-36103 HIGH
Talos Linux - Info Disclosure
CVSS 7.2
CVE-2022-37771 MEDIUM
Iobit Malware Fighter - Incorrect Permission Assignment
CVSS 6.7
CVE-2022-36670 MEDIUM
Pcprotect Endpoint < 5.17.470 - Incorrect Permission Assignment
CVSS 6.7
CVE-2022-38170 MEDIUM
Apache Airflow <2.3.4 - Info Disclosure
CVSS 4.7
CVE-2022-37435 HIGH
Apache Shenyu < 2.5.0 - Incorrect Permission Assignment
CVSS 8.8
CVE-2022-32778 HIGH
Wwbn Avideo - Incorrect Permission Assignment
CVSS 7.5
CVE-2022-32777 HIGH
Wwbn Avideo - Incorrect Permission Assignment
CVSS 7.5
CVE-2022-35167 HIGH
Prinitix Cloud Print Management - Incorrect Permission Assignment
CVSS 8.8
CVE-2022-22411 MEDIUM
IBM Spectrum Scale DAS <5.1.3.1 - Code Injection
CVSS 6.5
CVE-2022-36800 MEDIUM
Atlassian Jira Service Management - Incorrect Permission Assignment
CVSS 4.3
CVE-2022-34112 MEDIUM
Dataease v1.11.1 - Privilege Escalation
CVSS 6.5
CVE-2022-1655 MEDIUM
Redhat Openstack - Incorrect Permission Assignment
CVSS 6.5
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits