CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2019-13679 LOW
Google Chrome <77.0.3865.75 - Info Disclosure
CVSS 3.3
CVE-2019-13677 MEDIUM
Google Chrome <77.0.3865.75 - Auth Bypass
CVSS 6.5
CVE-2019-13676 MEDIUM
Chromium <77.0.3865.75 - CSRF
CVSS 4.3
CVE-2019-13665 MEDIUM
Google Chrome <77.0.3865.75 - CSRF
CVSS 6.5
CVE-2019-4214 LOW
IBM Smartcloud Analytics Log Analysis - Incorrect Permission Assign...
CVSS 3.7
CVE-2019-19197 HIGH
Kyrol Internet Security 9.0.6.9 - Privilege Escalation/DoS/RCE
CVSS 7.8
CVE-2019-16406 HIGH
Centreon Web 19.04.4 - Privilege Escalation
CVSS 7.8
CVE-2019-18958 HIGH
Nitro Pro <13.2 - Info Disclosure
CVSS 7.8
CVE-2019-14869 HIGH
Ghostscript 9.x <9.50 - Privilege Escalation
CVSS 8.8
CVE-2019-15340 LOW
Redmi 6 Firmware - Incorrect Permission Assignment
CVSS 3.3
CVE-2019-15339 LOW
Lavamobiles Z60s Firmware - Incorrect Permission Assignment
CVSS 3.3
CVE-2019-15338 LOW
Lavamobiles Iris 88 Firmware - Incorrect Permission Assignment
CVSS 3.3
CVE-2019-15337 LOW
Lavamobiles Z81 Firmware - Incorrect Permission Assignment
CVSS 3.3
CVE-2019-15336 LOW
Lavamobiles Z61 Firmware - Incorrect Permission Assignment
CVSS 3.3
CVE-2019-15335 LOW
Lavamobiles Z92 Firmware - Incorrect Permission Assignment
CVSS 3.3
CVE-2019-15334 LOW
Lavamobiles Iris 88 Firmware - Incorrect Permission Assignment
CVSS 3.3
CVE-2019-15333 LOW
Lavamobiles Flair Z1 Firmware - Incorrect Permission Assignment
CVSS 3.3
CVE-2019-11155 HIGH
Intel Proset/wireless Wifi < 21.40 - Incorrect Permission Assignment
CVSS 7.1
CVE-2019-11154 HIGH
Intel Proset/wireless Wifi < 21.40 - Incorrect Permission Assignment
CVSS 7.1
CVE-2019-18895 HIGH
Scanguard <2019-11-12 - Privilege Escalation
CVSS 7.8
CVE-2019-1457 HIGH
Microsoft Office - Incorrect Permission Assignment
CVSS 7.8
CVE-2019-18856 HIGH
Drupal <8.x-1.0-alpha1 - DoS
CVSS 7.5
CVE-2019-13535 MEDIUM
Medtronic Valleylab FT10/LS10 <2.1.0/<1.20.2 - Info Disclosure
CVSS 4.6
CVE-2019-3425 HIGH
ZTE Zxupn-9000e Firmware - Incorrect Permission Assignment
CVSS 8.8
CVE-2019-3866 MEDIUM
Redhat Openstack-mistral - Incorrect Permission Assignment
CVSS 5.5
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits