CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,664 vulnerabilities with CWE-732

CVE-2020-8635 HIGH

Wing FTP Server <6.2.3 - Privilege Escalation

CVSS 7.8

CVE-2020-4278 HIGH

IBM Platform LSF 9.1, 10.1 and IBM Spectrum LSF Suite 10.2 - Privilege Escalation via Weak File Permissions

CVSS 7.8

CVE-2020-8768 CRITICAL

Phoenix Contact Emalytics Controller ILC 2050 BI and BI-L < 1.2.3 - Unauthenticated Configuration Access

CVSS 9.4

CVE-2020-1704 HIGH

OpenShift ServiceMesh <1.0.8 - Privilege Escalation

CVSS 7.0

CVE-2020-9024 CRITICAL

Iteris Vantage Velocity Firmware 2.3.1 and 2.4.2 - Incorrect Permission Assignment for Critical Resource

CVSS 9.8

CVE-2020-7050 MEDIUM

Codologic Codoforum <= 4.8.4 - DOM-based Cross-Site Scripting via Poll Feature

CVSS 5.4

CVE-2020-0563 HIGH

Intel Manycore Platform Software Stack < 3.8.6 - Authenticated Privilege Escalation via Installer Permissions

CVSS 7.8

CVE-2020-7051 MEDIUM

Codologic Codoforum <= 4.8.4 - Stored Cross-Site Scripting in Login Area

CVSS 6.1

CVE-2020-0668 HIGH

Windows - Elevation of Privilege via Kernel Memory Object Handling

CVSS 7.8

CVE-2019-25344 HIGH

Wondershare MobileGo 8.5.0 - Privilege Escalation

CVSS 7.8

CVE-2019-25343 HIGH

NextVPN 4.10 - Privilege Escalation

CVSS 7.8

CVE-2019-25245 HIGH

Ross Video DashBoard 8.5.1 - Privilege Escalation

CVSS 8.8

CVE-2019-18243 MEDIUM

GE iFIX < 6.1 - Authenticated Privilege Escalation via Registry Configuration Modification

CVSS 5.5

CVE-2019-18255 MEDIUM

GE iFIX < 6.1 - Authenticated Privilege Escalation via Section Object Configuration

CVSS 5.5

CVE-2019-4702 HIGH

IBM Security Guardium Data Encryption <3.0.0.2 - Info Disclosure

CVSS 8.1

CVE-2019-14480 CRITICAL

AdRem NetCrunch 10.6.0.4587 - Auth Bypass

CVSS 9.8

CVE-2019-11121 HIGH

Intel Media SDK for Windows - Incorrect Permission Assignment for Critical Resource

CVSS 7.8

CVE-2019-19455 HIGH

Wowza Streaming Engine <4.8.5 - Privilege Escalation

CVSS 7.8

CVE-2019-19218 HIGH

BMC Control-M/Agent 7.0.00.000 - Info Disclosure

CVSS 7.5

CVE-2019-20693 MEDIUM

NETGEAR WAC505 and WAC510 Firmware < 8.0.6.4 - Incorrect Permission Assignment for Critical Resource

CVSS 5.4

CVE-2019-4603 MEDIUM

IBM Quality Manager - Privilege Escalation

CVSS 4.3

CVE-2019-19335 MEDIUM

OpenShift 4.2 - Unprotected Credential Exposure via World-Readable Auth Directory

CVSS 4.4

CVE-2019-5543 HIGH

VMware Horizon Client 5.0.0-5.2.9 - Incorrect Permission Assignment for Critical Resource

CVSS 7.8

CVE-2019-2089 HIGH

Android 10 - Incorrect Permission Assignment for Critical Resource during App Uninstallation

CVSS 7.8

CVE-2019-18577 MEDIUM

Dell EMC XtremIO XMS <6.3.0 - Privilege Escalation

CVSS 6.7

Details

Vulnerabilities 1,664

Exploit Likelihood High

Links