CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2018-12357 MEDIUM
Arista CloudVision Portal <2018.1.1 - Privilege Escalation
CVSS 6.5
CVE-2018-20936 LOW
Cpanel < 62.0.39 - Incorrect Permission Assignment
CVSS 3.3
CVE-2018-20909 HIGH
Cpanel < 62.0.42 - Incorrect Permission Assignment
CVSS 7.1
CVE-2018-20908 MEDIUM
Cpanel < 62.0.47 - Incorrect Permission Assignment
CVSS 5.5
CVE-2018-20907 MEDIUM
Cpanel < 62.0.47 - Incorrect Permission Assignment
CVSS 4.3
CVE-2018-20906 MEDIUM
Cpanel < 62.0.47 - Incorrect Permission Assignment
CVSS 4.3
CVE-2018-20905 MEDIUM
Cpanel < 62.0.47 - Incorrect Permission Assignment
CVSS 5.4
CVE-2018-20904 MEDIUM
Cpanel < 62.0.47 - Incorrect Permission Assignment
CVSS 4.3
CVE-2018-20871 CRITICAL
Univa Grid Engine - Incorrect Permission Assignment
CVSS 9.8
CVE-2018-2024 HIGH
IBM Qradar Security Information And E... - Incorrect Permission Assignment
CVSS 8.1
CVE-2018-14862 MEDIUM
Odoo <11.0 - Privilege Escalation
CVSS 6.5
CVE-2018-14861 MEDIUM
Odoo <11.0 - Info Disclosure
CVSS 6.5
CVE-2018-14866 MEDIUM
Odoo <11.0 - Privilege Escalation
CVSS 4.3
CVE-2018-14916 CRITICAL
LOYTEC LGATE-902 <6.3.2 - Info Disclosure
CVSS 9.1
CVE-2018-14886 MEDIUM
Odoo <11.0 - Privilege Escalation
CVSS 4.9
CVE-2018-19446 HIGH
Foxit Reader SDK (ActiveX) Pro 5.4.0.1031 - RCE
CVSS 7.8
CVE-2018-3702 HIGH
Intel Ite Tech Consumer Infrared Driver < 5.4.3.0 - Incorrect Permission Assignment
CVSS 7.8
CVE-2018-19860 HIGH
Broadcom firmware - RCE
CVSS 8.8
CVE-2018-10171 CRITICAL
Kromtech MacKeeper 3.20.4 - Privilege Escalation
CVSS 9.8
CVE-2018-20008 MEDIUM
iBall Baton iB-WRB302N20122017 - Info Disclosure
CVSS 6.8
CVE-2018-3701 HIGH
Intel Proset/wireless Wifi < 20.100 - Incorrect Permission Assignment
CVSS 7.8
CVE-2018-20500 HIGH
Gitlab < 11.4.13 - Incorrect Permission Assignment
CVSS 7.5
CVE-2018-20007 MEDIUM
Yeelight Smart AI Speaker 3.3.10_0074 - Privilege Escalation
CVSS 6.8
CVE-2018-4028 HIGH
Anker-in Roav Dashcam A1 Firmware - Incorrect Permission Assignment
CVSS 7.5
CVE-2018-12296 HIGH
Seagate NAS OS <4.3.15.1 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits