CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2020-15328 MEDIUM
Zyxel CloudCNM SecuManager <3.1.1 - Info Disclosure
CVSS 5.3
CVE-2020-27836 CRITICAL
Redhat Openshift Container Platform - Incorrect Permission Assignment
CVSS 9.8
CVE-2020-1754 MEDIUM
Moodle <3.8.2, <3.7.5, <3.6.9, <3.5.11 - Info Disclosure
CVSS 4.3
CVE-2020-4146 MEDIUM
IBM Security Siteprotector System - Incorrect Permission Assignment
CVSS 5.3
CVE-2020-14263 LOW
Hcltech Traveler Companion < 12.0.0 - Incorrect Permission Assignment
CVSS 3.9
CVE-2020-18121 HIGH
Indexhibit 2.1.5 - Code Injection
CVSS 8.8
CVE-2020-0417 HIGH
Google Android - Incorrect Permission Assignment
CVSS 7.8
CVE-2020-4945 HIGH
IBM Db2 - Incorrect Permission Assignment
CVSS 8.1
CVE-2020-1742 HIGH
nmstate/kubernetes-nmstate-handler < v2.3.0-30 - Privilege Escalation
CVSS 7.0
CVE-2020-14335 MEDIUM
Redhat Satellite - Information Disclosure
CVSS 5.5
CVE-2020-1701 MEDIUM
KubeVirt <0.26.0 - Privilege Escalation
CVSS 6.5
CVE-2020-28910 CRITICAL
Nagios XI < 5.7.5 - Incorrect Permission Assignment
CVSS 9.8
CVE-2020-28909 HIGH
Nagios Fusion < 4.1.8 - Incorrect Permission Assignment
CVSS 8.8
CVE-2020-27568 HIGH
Aviatrix Controller <5.3.1516 - Info Disclosure
CVSS 7.5
CVE-2020-26155 HIGH
Utimaco Block-safe Firmware < 4.31.0 - Uncontrolled Search Path
CVSS 7.8
CVE-2020-24263 HIGH
Portainer <1.24.1 - RCE
CVSS 8.8
CVE-2020-8029 LOW
SUSE CaaS Platform 4.5 - Privilege Escalation
CVSS 2.9
CVE-2020-26196 MEDIUM
Dell Emc Powerscale Onefs - Incorrect Permission Assignment
CVSS 5.5
CVE-2020-26194 HIGH
Dell Emc Powerscale Onefs - Incorrect Permission Assignment
CVSS 7.0
CVE-2020-10553 MEDIUM
Psyprax <3.2.2 - Info Disclosure
CVSS 5.5
CVE-2020-17522 MEDIUM
Apache Traffic Control <4.1.0 - Info Disclosure
CVSS 5.8
CVE-2020-28482 MEDIUM
Fastify-csrf < 3.0.0 - Information Disclosure
CVSS 5.9
CVE-2020-36154 HIGH
Pearson Vue Testing System - Incorrect Permission Assignment
CVSS 7.8
CVE-2020-25507 HIGH
3DS Teamwork Cloud < 19.0 - Incorrect Permission Assignment
CVSS 7.8
CVE-2020-28169 HIGH
Td-agent-builder < 2020-12-18 - Incorrect Permission Assignment
CVSS 7.0
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits