CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2018-10170 CRITICAL
NordVPN 6.12.7.0 - Privilege Escalation
CVSS 9.8
CVE-2018-10169 CRITICAL
ProtonVPN 1.3.3 - Privilege Escalation
CVSS 9.8
CVE-2018-1315 LOW
Apache Hive < 2.3.2 - Incorrect Permission Assignment
CVSS 3.7
CVE-2018-1002150 CRITICAL
Koji <1.12.1-1.15.1 - Privilege Escalation
CVSS 9.1
CVE-2018-1267 HIGH
Cloudfoundry Silk-release < 0.2.0 - Incorrect Permission Assignment
CVSS 8.1
CVE-2018-1231 HIGH
Pivotal Software Bosh CLI < 3.0.1 - Incorrect Permission Assignment
CVSS 8.8
CVE-2018-1203 MEDIUM
Dell Emc Isilon Onefs < 8.0.0.6 - Incorrect Permission Assignment
CVSS 6.7
CVE-2018-5349 HIGH
Heimdal PRO v2.2.190 - Privilege Escalation
CVSS 7.8
CVE-2018-8933 CRITICAL
AMD Epyc Server Firmware - Incorrect Permission Assignment
CVSS 9.0
CVE-2018-8932 CRITICAL
AMD Ryzen Pro Firmware - Incorrect Permission Assignment
CVSS 9.0
CVE-2018-8931 CRITICAL
AMD Ryzen Mobile Firmware - Incorrect Permission Assignment
CVSS 9.0
CVE-2018-1141 HIGH
Nessus <7.0.3 - Privilege Escalation
CVSS 7.0
CVE-2018-1197 HIGH
Windows Stemcells <1200.14 - Privilege Escalation
CVSS 8.5
CVE-2018-1000132 CRITICAL
Mercurial <4.5 - Info Disclosure
CVSS 9.1
CVE-2018-1386 HIGH
IBM Tivoli Workload Automation for AIX - Privilege Escalation
CVSS 7.8
CVE-2018-1000080 MEDIUM
Ajenti 2 - Insecure Permissions
CVSS 6.5
CVE-2018-1000072 HIGH
iRedMail <commit f04b8ef - Info Disclosure
CVSS 7.5
CVE-2018-1000071 HIGH
roundcube <1.3.4 - Info Disclosure
CVSS 7.5
CVE-2018-6623 HIGH
Hola VPN - Incorrect Permission Assignment
CVSS 8.8
CVE-2018-7581 HIGH
Weblogexpert Weblog Expert - Incorrect Permission Assignment
CVSS 7.8
CVE-2018-1069 HIGH
Redhat Openshift - Improper Access Control
CVSS 7.1
CVE-2018-5313 HIGH
Rapid Scada 5.5.0 - Privilege Escalation
CVSS 7.8
CVE-2018-1417 HIGH
J9 JVM <8.0 - Privilege Escalation
CVSS 8.1
CVE-2018-7408 HIGH
Npm < 5.7.1 - Incorrect Permission Assignment
CVSS 7.8
CVE-2018-7311 HIGH
Privatevpn - Incorrect Permission Assignment
CVSS 8.8
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits