CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2018-16545 HIGH
Kzsoftware Asset Manager - Incorrect Permission Assignment
CVSS 7.8
CVE-2018-6598 HIGH
Orbic Wonder Rc555l Firmware - Incorrect Permission Assignment
CVSS 7.1
CVE-2018-15869 MEDIUM
Hashicorp Packer < 1.3.0 - Incorrect Permission Assignment
CVSS 5.3
CVE-2018-15809 MEDIUM
Accupos - Incorrect Permission Assignment
CVSS 5.5
CVE-2018-1000226 CRITICAL
Cobbler <2.6.11 - Privilege Escalation
CVSS 9.8
CVE-2018-1000649 HIGH
LibreHealthIO lh-ehr REL-2.0.0 - Authenticated RCE
CVSS 8.8
CVE-2018-15491 HIGH
Zemana Antilogger < 1.9.3.602 - Incorrect Permission Assignment
CVSS 7.5
CVE-2018-15482 CRITICAL
Google Android - Incorrect Permission Assignment
CVSS 9.8
CVE-2018-14982 CRITICAL
LG Devices <8.1 - Info Disclosure
CVSS 9.8
CVE-2018-14981 CRITICAL
LG Devices <8.1 - Info Disclosure
CVSS 9.8
CVE-2018-5546 HIGH
F5 BIG-IP APM <7.1.7.1 - Info Disclosure
CVSS 7.8
CVE-2018-11454 HIGH
Siemens Simatic Step 7 (tia Portal) - Incorrect Permission Assignment
CVSS 8.6
CVE-2018-11453 HIGH
Siemens Simatic Step 7 (tia Portal) - Incorrect Permission Assignment
CVSS 7.8
CVE-2018-1551 LOW
IBM Websphere MQ < 8.0.0.8 - Incorrect Permission Assignment
CVSS 3.1
CVE-2018-5490 HIGH
Clustered Data ONTAP <8.3 - Info Disclosure
CVSS 8.8
CVE-2018-12467 MEDIUM
OBS <2.9.4 - Privilege Escalation
CVSS 6.0
CVE-2018-12466 MEDIUM
openSUSE openbuildservice <9.2.4 - Privilege Escalation
CVSS 4.4
CVE-2018-10869 HIGH
redhat-certification - Info Disclosure
CVSS 7.5
CVE-2018-5540 MEDIUM
F5 <13.0.1 - Privilege Escalation
CVSS 4.4
CVE-2018-0392 MEDIUM
Cisco Policy Suite - Privilege Escalation
CVSS 5.5
CVE-2018-1000211 HIGH
Doorkeeper >=4.2.0 - Info Disclosure
CVSS 7.5
CVE-2018-1000209 HIGH
Sensu Core <1.4.2-3 - Code Injection
CVSS 8.8
CVE-2018-1000207 HIGH
MODX Revolution <=2.6.4 - File Creation
CVSS 7.2
CVE-2018-14043 CRITICAL
mstdlib 1.2.0 - Info Disclosure
CVSS 9.8
CVE-2018-12979 MEDIUM
Wago 762-3000 Firmware < 02 - Incorrect Permission Assignment
CVSS 6.5
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits