CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2020-13866 HIGH
Qbik Wingate - Incorrect Permission Assignment
CVSS 7.8
CVE-2020-13912 HIGH
Solarwinds Advanced Monitoring Agent - Incorrect Permission Assignment
CVSS 7.3
CVE-2020-13386 HIGH
SmartDraw 2020 <27.0.0.0 - Privilege Escalation
CVSS 7.3
CVE-2020-12431 MEDIUM
Splashtop Software Updater <1.5.6.16 - Privilege Escalation
CVSS 6.6
CVE-2020-12831 MEDIUM
FRRouting FRR <7.3.1 - Info Disclosure
CVSS 5.3
CVE-2020-8153 HIGH
Groupfolders app 4.0.3 - Info Disclosure
CVSS 8.1
CVE-2020-5895 HIGH
NGINX Controller <3.3.0 - Memory Corruption
CVSS 7.8
CVE-2020-3312 HIGH
Cisco Firepower Threat Defense - Info Disclosure
CVSS 7.5
CVE-2020-11443 HIGH
Zoom IT Installer < 4.6.10 - Symlink Following
CVSS 8.1
CVE-2020-12459 MEDIUM
Grafana 6.x-6.3.6 - Info Disclosure
CVSS 5.5
CVE-2020-12458 MEDIUM
Grafana <6.7.3 - Info Disclosure
CVSS 5.5
CVE-2020-8473 HIGH
ABB System 800xA Base <6.1 - Privilege Escalation
CVSS 7.3
CVE-2020-8472 MEDIUM
ABB System 800xA - Privilege Escalation
CVSS 5.5
CVE-2020-12120 HIGH
Prestashop Correos Express < 1.7 - Incorrect Permission Assignment
CVSS 7.5
CVE-2020-4311 HIGH
IBM Tivoli Monitoring - Incorrect Permission Assignment
CVSS 7.0
CVE-2020-4347 HIGH
IBM Infosphere Information Server - Incorrect Permission Assignment
CVSS 7.3
CVE-2020-0557 HIGH
Intel Proset/wireless Wifi - Incorrect Permission Assignment
CVSS 7.8
CVE-2020-10699 HIGH
Linux <2.1.51 - Privilege Escalation
CVSS 7.8
CVE-2020-10513 HIGH
iCatch DVR <20200103 - Privilege Escalation
CVSS 8.8
CVE-2020-10642 HIGH
Rockwell Automation RSLinx Classic <4.11.00 - Privilege Escalation
CVSS 7.8
CVE-2020-10551 HIGH
QQBrowser <10.5.3870.400 - Privilege Escalation
CVSS 7.8
CVE-2020-4289 MEDIUM
IBM Security Information Queue - Incorrect Permission Assignment
CVSS 5.3
CVE-2020-11107 HIGH
XAMPP <7.2.29, <7.3.16, <7.4.4 - Command Injection
CVSS 8.8
CVE-2020-7263 MEDIUM
Mcafee Endpoint Security - Incorrect Permission Assignment
CVSS 6.5
CVE-2020-10883 HIGH
TP-Link Archer A7 Firmware <190726 - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits