CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2019-9222 HIGH
Gitlab < 11.6.10 - Path Traversal
CVSS 8.1
CVE-2019-3893 MEDIUM
Foreman < 1.20.3 - Incorrect Permission Assignment
CVSS 4.9
CVE-2019-0804 MEDIUM
Azure WaLinuxAgent - Info Disclosure
CVSS 6.5
CVE-2019-4093 MEDIUM
IBM Spectrum Protect - Incorrect Permission Assignment
CVSS 4.4
CVE-2019-9166 HIGH
Nagios XI < 5.5.11 - Incorrect Permission Assignment
CVSS 7.8
CVE-2019-1618 HIGH
Cisco Nexus 9000 - RCE
CVSS 7.8
CVE-2019-1601 HIGH
Cisco Nx-os < 8.3\(1\) - Improper Access Control
CVSS 7.8
CVE-2019-1600 MEDIUM
Cisco Firepower Extensible Operating ... - Incorrect Permission Assignment
CVSS 4.4
CVE-2019-1596 HIGH
Cisco NX-OS Software - Privilege Escalation
CVSS 7.8
CVE-2019-2001 MEDIUM
Android - Info Disclosure
CVSS 5.5
CVE-2019-7729 LOW
Bosch Smart Camera App <1.3.1 - Info Disclosure
CVSS 3.3
CVE-2019-0111 MEDIUM
Intel Data Center Manager < 5.0.2 - Incorrect Permission Assignment
CVSS 5.5
CVE-2019-0108 MEDIUM
Intel Data Center Manager < 5.0.2 - Incorrect Permission Assignment
CVSS 5.5
CVE-2019-0588 MEDIUM
Microsoft Exchange - Info Disclosure
CVSS 6.5
CVE-2018-15645 MEDIUM
Odoo < 12.0 - Improper Access Control
CVSS 6.5
CVE-2018-17766 MEDIUM
Ingenico Telium 2 - Auth Bypass
CVSS 4.6
CVE-2018-21256 MEDIUM
Mattermost Server < 5.1.0 - Incorrect Permission Assignment
CVSS 4.3
CVE-2018-21252 MEDIUM
Mattermost Server < 4.10.3 - Incorrect Permission Assignment
CVSS 4.3
CVE-2018-21265 MEDIUM
Mattermost Desktop < 4.0.0 - Incorrect Permission Assignment
CVSS 5.3
CVE-2018-21261 MEDIUM
Mattermost Server < 4.6.3 - Incorrect Permission Assignment
CVSS 4.3
CVE-2018-21255 MEDIUM
Mattermost Server < 5.1.0 - Incorrect Permission Assignment
CVSS 4.3
CVE-2018-21254 MEDIUM
Mattermost Server < 5.1.0 - Incorrect Permission Assignment
CVSS 4.3
CVE-2018-21253 MEDIUM
Mattermost Server < 4.10.2 - Incorrect Permission Assignment
CVSS 4.3
CVE-2018-21081 CRITICAL
Google Android - Incorrect Permission Assignment
CVSS 9.1
CVE-2018-18630 HIGH
Mckesson Horizon Cardiology Firmware - Incorrect Permission Assignment
CVSS 7.8
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits