CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,624 vulnerabilities with CWE-732
CVE-2017-18876 MEDIUM
Mattermost Server <4.3.0-4.1.2 - Info Disclosure
CVSS 4.9
CVE-2017-18875 MEDIUM
Mattermost Server <4.3.0-4.1.2 - Privilege Escalation
CVSS 4.9
CVE-2017-18870 MEDIUM
Mattermost Server <4.5.0-4.3.4 - Info Disclosure
CVSS 4.3
CVE-2017-9626 CRITICAL
Marel Food Processing Systems Pluto - Unauthenticated RCE
CVSS 9.8
CVE-2017-18348 HIGH
Splunk < 6.6.11 - Incorrect Permission Assignment
CVSS 7.0
CVE-2017-2590 HIGH
Freeipa < 4.4.0 - Incorrect Permission Assignment
CVSS 8.1
CVE-2017-12167 MEDIUM
EAP 7 <7.0.9 - Info Disclosure
CVSS 5.5
CVE-2017-7471 CRITICAL
Qemu VirtFS - Privilege Escalation
CVSS 9.0
CVE-2017-0913 MEDIUM
Ubiquiti UCRM 2.3.0-2.7.7 - Info Disclosure
CVSS 4.7
CVE-2017-7821 CRITICAL
Mozilla Firefox < 55.0.3 - Incorrect Permission Assignment
CVSS 9.8
CVE-2017-5456 CRITICAL
Redhat Enterprise Linux < 53.0 - Incorrect Permission Assignment
CVSS 9.8
CVE-2017-5426 MEDIUM
Firefox < 52 - Privilege Escalation
CVSS 5.3
CVE-2017-18285 HIGH
Burp < 2.1.32 - Incorrect Permission Assignment
CVSS 7.1
CVE-2017-18284 HIGH
Burp < 2.1.32 - Incorrect Permission Assignment
CVSS 7.1
CVE-2017-2612 MEDIUM
Jenkins <2.44, 2.32.2 - Privilege Escalation
CVSS 5.4
CVE-2017-4952 HIGH
VMware Xenon <1.5.4-1.5.7 - Auth Bypass
CVSS 7.5
CVE-2017-1624 MEDIUM
IBM QRadar <7.3.1 - Info Disclosure
CVSS 4.2
CVE-2017-18226 MEDIUM
Jabberd2 < 2.6.1 - Incorrect Permission Assignment
CVSS 5.5
CVE-2017-18225 HIGH
Jabberd2 < 2.6.1 - Incorrect Permission Assignment
CVSS 7.8
CVE-2017-6928 MEDIUM
Drupal core 7.x <7.57 - Auth Bypass
CVSS 5.3
CVE-2017-9268 MEDIUM
Open Build Service <20170702 - DoS
CVSS 4.4
CVE-2017-15352 LOW
Huawei Oceanstor 2800 Firmware - Incorrect Permission Assignment
CVSS 3.1
CVE-2017-13236 HIGH
Google Android - Incorrect Permission Assignment
CVSS 7.8
CVE-2017-16945 HIGH
Arq <5.10 - Privilege Escalation
CVSS 7.8
CVE-2017-16928 HIGH
Arq <5.10 - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 1,624
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits