CWE-732

Exploit likelihood: High

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,664 vulnerabilities with CWE-732
CVE-2020-26106 HIGH
cPanel < 88.0.3 - Incorrect Permission Assignment for Proxy Subdomains Log File
CVSS 7.5
CVE-2020-17365 HIGH
Hotspot Shield VPN client <10.3.0 - Privilege Escalation
CVSS 7.8
CVE-2020-3503 MEDIUM
Cisco IOS XE - Authenticated Improper Access Control in File System Permissions
CVSS 6.0
CVE-2020-12842 CRITICAL
iSmartgate PRO 1.5.9 - Privilege Escalation
CVSS 9.8
CVE-2020-12839 CRITICAL
iSmartgate PRO 1.5.9 - Privilege Escalation
CVSS 9.8
CVE-2020-12838 CRITICAL
iSmartgate PRO <1.5.9 - Privilege Escalation
CVSS 9.8
CVE-2020-25826 HIGH
PingID Integration for Windows Login < 2.4.2 - Privilege Escalation via CefSharp.BrowserSubprocess.exe Modification
CVSS 7.8
CVE-2020-16202 HIGH
Advantech WebAccess < 9.0.1 - Incorrect Permission Assignment for Critical Resource
CVSS 7.8
CVE-2020-11855 HIGH
Micro Focus Operation Bridge Reporter < 10.40 - Local Privilege Escalation via Incorrect Permission Assignment
CVSS 7.8
CVE-2020-15776 HIGH
Gradle Enterprise 2018.2-2020.2.4 - Cross-Site Request Forgery via Non-HttpOnly CSRF Token
CVSS 8.8
CVE-2020-1694 MEDIUM
Keycloak < 10.0.0 - Unauthenticated Information Disclosure via NodeJS Adapter
CVSS 4.9
CVE-2020-10781 MEDIUM
Linux Kernel <5.8-rc6 - Memory Corruption
CVSS 5.5
CVE-2020-7314 HIGH
McAfee Agent for Mac < 5.6.6 - Privilege Escalation via Incorrect Temporary File Permissions
CVSS 8.2
CVE-2020-23834 HIGH
Real Time Logic BarracudaDrive <6.5 - Privilege Escalation
CVSS 8.8
CVE-2020-5369 HIGH
Dell EMC Isilon OneFS <= 8.2.2 and PowerScale OneFS 9.0.0 - Privilege Escalation via SyncIQ
CVSS 8.8
CVE-2020-24355 CRITICAL
Zyxel VMG5313-B30B - Privilege Escalation
CVSS 9.8
CVE-2020-17402 MEDIUM
Parallels Desktop 15.1.4 - Info Disclosure
CVSS 6.5
CVE-2020-5417 HIGH
Cloud Foundry CAPI <1.97.0 - Info Disclosure
CVSS 8.8
CVE-2020-24394 HIGH
Linux kernel <5.7.8 - Privilege Escalation
CVSS 7.1
CVE-2020-5385 MEDIUM
Dell Encryption < 10.8 and Endpoint Security Suite < 2.8 - Privilege Escalation via Symbolic Link
CVSS 6.7
CVE-2020-0559 HIGH
Intel PROSet/Wireless WiFi Firmware < 21.40.5.1 - Authenticated Privilege Escalation via Insecure Inherited Permissions
CVSS 7.8
CVE-2020-8731 HIGH
Intel(R) Server <1.59 - Privilege Escalation
CVSS 8.8
CVE-2020-6295 HIGH
SAP Adaptive Server Enterprise 16.0 - Info Disclosure
CVSS 7.8
CVE-2020-4631 MEDIUM
IBM Spectrum Protect Plus 10.1.0-10.1.6 - Incorrect Permission Assignment for Critical Resource
CVSS 5.5
CVE-2020-13915 HIGH
Ruckus Wireless Unleashed < 200.7.10.102.92 - Unauthenticated Admin Credential Overwrite via HTTP Request
CVSS 7.5