CWE-732
1,663 CVEs • Abstraction: Class • Likelihood of Exploit: High
Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
CVEs (1,663)
| Vendors | Products | Updated | Published | CVSS | CVE description |
|---|---|---|---|---|---|
| Mattermost | Mattermost Server | Nov 21, 2024 | Jun 19, 2020 | N/A (v4) · 4.3 MEDIUM (v3) · 4.0 MEDIUM (v2) | An issue was discovered in Mattermost Server before 5.1. Non-members of a channel could use the Channel PATCH API to modify that channel. |
| Mattermost | Mattermost Server | Nov 21, 2024 | Jun 19, 2020 | N/A (v4) · 4.3 MEDIUM (v3) · 4.0 MEDIUM (v2) | An issue was discovered in Mattermost Server before 5.1. An attacker can bypass intended access control (for direct-message channel creation) via the Message slash command. |
| Mattermost | Mattermost Server | Nov 21, 2024 | Jun 19, 2020 | N/A (v4) · 4.3 MEDIUM (v3) · 4.0 MEDIUM (v2) | An issue was discovered in Mattermost Server before 5.1, 5.0.2, and 4.10.2. An attacker could use the invite_people slash command to invite a non-permitted user. |
| Mattermost | Mattermost Server | Nov 21, 2024 | Jun 19, 2020 | N/A (v4) · 4.9 MEDIUM (v3) · 4.0 MEDIUM (v2) | An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can test for the existence of an arbitrary file. |
| Mattermost | Mattermost Server | Nov 21, 2024 | Jun 19, 2020 | N/A (v4) · 4.9 MEDIUM (v3) · 4.0 MEDIUM (v2) | An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can create arbitrary files. |
| | | | | | An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, and 4.3.4. It mishandled webhook access control in the EnableOnlyAdminIntegrations case. |
| | | | | | An exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such as tokens and other secrets could be readable and exposed from the rsyslog configuration file, which has set the wron... |
| | | | | | The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control. |
| | | | | | I2P before 0.9.46 allows local users to gain privileges via a Trojan horse I2PSvc.exe file because of weak permissions on a certain %PROGRAMFILES% subdirectory. |
| Dell | Encryption, Endpoint Security Suite Enterprise | Nov 21, 2024 | Jun 15, 2020 | N/A (v4) · 7.8 HIGH (v3) · 7.2 HIGH (v2) | Dell Encryption versions prior to 10.7 and Dell Endpoint Security Suite versions prior to 2.7 contain a privilege escalation vulnerability due to incorrect permissions. A local malicious user with low privileges could po... |
| | | | | | Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot service restart to rewrite... |
| | | | | | VMware Horizon Client for Windows (prior to 5.4.3) contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. A local user on the system where the software is in... |
| Mids' Reborn Hero Designer Project | Mids' Reborn Hero Designer | Nov 21, 2024 | Jun 11, 2020 | N/A (v4) · 7.8 HIGH (v3) · 4.4 MEDIUM (v2) | Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group has Modify permissio... |
| Microsoft | Forefront Endpoint Protection 2010, Security Essentials, System Center Endpoint Protection, +1 more | Nov 21, 2024 | Jun 9, 2020 | N/A (v4) · 7.8 HIGH (v3) · 7.2 HIGH (v2) | An elevation of privilege vulnerability exists in Windows Defender that leads to arbitrary file deletion on the system. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windo... |
| | | | | | WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse. |
| Solarwinds | Advanced Monitoring Agent | Nov 21, 2024 | Jun 7, 2020 | N/A (v4) · 7.3 HIGH (v3) · 6.0 MEDIUM (v2) | SolarWinds Advanced Monitoring Agent before 10.8.9 allows local users to gain privileges via a Trojan horse .exe file, because everyone can write to a certain .exe file. |
| | | | | | In SmartDraw 2020 27.0.0.0, the installer gives inherited write permissions to the Authenticated Users group on the SmartDraw 2020 installation folder. Additionally, when the product is installed, two scheduled tasks are... |
| Splashtop | Software Updater, Streamer | Nov 21, 2024 | May 21, 2020 | N/A (v4) · 6.6 MEDIUM (v3) · 6.3 MEDIUM (v2) | A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by... |
| Linuxfoundation | Free Range Routing | Nov 21, 2024 | May 13, 2020 | N/A (v4) · 5.3 MEDIUM (v3) · 4.3 MEDIUM (v2) | An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1. When using the split-config feature, the init script creates an empty config file with world-readable default permissions, leading to a pos... |
| Fedoraproject, Nextcloud | Fedora, Group Folders | Nov 21, 2024 | May 12, 2020 | N/A (v4) · 8.1 HIGH (v3) · 5.5 MEDIUM (v2) | Improper access control in Groupfolders app 4.0.3 allowed to delete hidden directories when renaming an accessible item to the same name. |