CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2019-12645 HIGH
Cisco Jabber < 12.6\(1\) - Improper Input Validation
CVSS 7.8
CVE-2019-12635 MEDIUM
Cisco Content Security Management Appliance - Improper Authorization
CVSS 4.3
CVE-2019-2389 MEDIUM
MongoDB Server <4.0.11, <3.6.14, <3.4.22 - Privilege Escalation
CVSS 5.3
CVE-2019-15752 HIGH KEV
Docker < 2.1.0.1 - Incorrect Permission Assignment
CVSS 7.8
CVE-2019-15316 HIGH
Valvesoftware Steam Client - Incorrect Permission Assignment
CVSS 7.0
CVE-2019-15315 HIGH
Valvesoftware Steam Client - Incorrect Permission Assignment
CVSS 7.8
CVE-2019-11806 LOW
OX App Suite <7.10.1 - Info Disclosure
CVSS 3.3
CVE-2019-13069 HIGH
Extenua Silvershield < 6.1.14.144 - Incorrect Permission Assignment
CVSS 7.8
CVE-2019-7958 CRITICAL
Creative Cloud Desktop App <4.6.1 - Privilege Escalation
CVSS 9.8
CVE-2019-15119 MEDIUM
Ehang-io Nps < 0.23.2 - Incorrect Permission Assignment
CVSS 5.5
CVE-2019-15084 HIGH
Waves Maxx Audio - Incorrect Permission Assignment
CVSS 7.8
CVE-2019-0341 HIGH
SAP Enable Now - Incorrect Permission Assignment
CVSS 8.8
CVE-2019-12808 HIGH
Estsoft Altools < 18.1 - Incorrect Permission Assignment
CVSS 7.8
CVE-2019-14969 HIGH
Netwrix Auditor < 9.8 - Incorrect Permission Assignment
CVSS 7.8
CVE-2019-14935 HIGH
3cx - Incorrect Permission Assignment
CVSS 7.8
CVE-2019-1944 HIGH
Cisco Adaptive Security Appliance Software - Improper Input Validation
CVSS 7.3
CVE-2019-14743 MEDIUM
Valvesoftware Steam Client - Incorrect Permission Assignment
CVSS 6.6
CVE-2019-11270 HIGH
Pivotal Software Application Service - Improper Privilege Management
CVSS 7.5
CVE-2019-14395 LOW
cPanel <80.0.5 - Info Disclosure
CVSS 3.3
CVE-2019-1010101 CRITICAL
Akeo Consulting Rufus <3.0 - RCE
CVSS 9.8
CVE-2019-5222 MEDIUM
Huawei <Tony-AL00B 9.1.0.216 - Info Disclosure
CVSS 5.5
CVE-2019-12876 HIGH
Zohocorp Manageengine Admanager Plus - Incorrect Permission Assignment
CVSS 7.3
CVE-2019-1010009 CRITICAL
DGLux Server All - RCE
CVSS 9.8
CVE-2019-12577 HIGH
Londontrustmedia Private Internet Acc... - Incorrect Permission Assignment
CVSS 7.8
CVE-2019-13142 MEDIUM
Razer Surround - Incorrect Permission Assignment
CVSS 5.5
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits