CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,666 vulnerabilities with CWE-732
CVE-2018-11951 MEDIUM
Snapdragon Mobile <SD 845-SD 850 - Info Disclosure
CVSS 5.5
CVE-2018-18654 HIGH
Crossroads 2.81 - Incorrect Permission Assignment for Critical Resource in /tmp Directory
CVSS 7.8
CVE-2018-11792 CRITICAL
Apache Impala < 3.0.1 - Incorrect Permission Assignment for Critical Resource
CVSS 9.8
CVE-2018-17873 HIGH
WiFiRanger <7.0.8rc3 - Info Disclosure
CVSS 8.8
CVE-2018-11080 HIGH
Dell EMC Secure Remote Services < 3.32.00.08 - Authenticated Privilege Escalation via Improper File Permissions
CVSS 7.3
CVE-2018-7924 LOW
Huawei Anne-AL00 <8.0.0.151(C00) - Info Disclosure
CVSS 2.4
CVE-2018-13399 HIGH
Atlassian Crucible and Fisheye < 4.6.1 - Privilege Escalation via Weak Installation Directory Permissions
CVSS 7.8
CVE-2018-17892 HIGH
NUUO CMS <3.1 - Privilege Escalation
CVSS 8.8
CVE-2018-1724 MEDIUM
IBM Spectrum LSF 9.1.1-9.1.3 and 10.1 - Incorrect Permission Assignment for Critical Resource
CVSS 5.9
CVE-2018-12173 HIGH
Intel Server Board S2600bp Firmware < 00.01.0014 - Incorrect Permission Assignment
CVSS 7.6
CVE-2018-12131 HIGH
Intel NVMe <4.0.0.1007, Intel RSTe <4.7.0.2083 - Privilege Escalation
CVSS 7.8
CVE-2018-8411 HIGH
Windows NTFS - Elevation of Privilege via Improper Access Check
CVSS 7.8
CVE-2018-17775 HIGH
Seqrite End Point Security <7.4 - Privilege Escalation
CVSS 7.8
CVE-2018-1750 MEDIUM
IBM Security Key Lifecycle Manager 3.0 - Incorrect Permission Assignment for Critical Resource
CVSS 4.2
CVE-2018-11064 HIGH
Dell EMC Unity/UnityVSA OE 4.3.0.x-4.3.1.x Authenticated Arbitrary Code Execution
CVSS 7.8
CVE-2018-15379 CRITICAL
Cisco Prime Infrastructure - Path Traversal
CVSS 9.8
CVE-2018-0422 HIGH
Cisco Webex Meetings <1.3.37 / Server <3.0 - Authenticated Arbitrary File Write & Privilege Escalation
CVSS 7.3
CVE-2018-17872 HIGH
Verba Collaboration <9.2.1.5545 - Info Disclosure
CVSS 8.8
CVE-2018-6261 HIGH
GeForce Experience < 3.15 - Incorrect File Permissions via GameStream
CVSS 7.0
CVE-2018-1420 MEDIUM
IBM WebSphere Portal - Info Disclosure
CVSS 5.3
CVE-2018-17776 HIGH
PCProtect Anti-Virus <4.8.35 - Privilege Escalation
CVSS 7.8
CVE-2018-14650 MEDIUM
sos-collector - Unprotected Sensitive Data Exposure via Default File Permissions
CVSS 5.9
CVE-2018-16588 HIGH
SUSE shadow < 4.2.1-27.9.1 - Privilege Escalation via World-Writable Intermediate Directories
CVSS 7.8
CVE-2018-14327 HIGH
Alcatel OSPREY3_MINI - Privilege Escalation
CVSS 7.8
CVE-2018-8848 HIGH
Philips e-Alert Unit <R2.1 - Privilege Escalation
CVSS 7.5
Details
Vulnerabilities 1,666
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits