CWE-732

1,658 CVEs • Abstraction: Class • Likelihood of Exploit: High

Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

CVEs (1,658)

Fields per entry: Vendor(s) | Product(s) | Updated | Published | CVSS (v4 / v3 / v2) | Description

Vendor (1): Redhat
Products (4): Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation, +1 more
Updated: Nov 21, 2024 | Published: Jul 3, 2018
CVSS: v4 N/A | v3 5.3 MEDIUM | v2 4.6 MEDIUM
Description: setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and /usr/sbin/nologin to /etc/shells. This violates security assumptions made by pam_shells and some daemons which allow access based on a user's shell being listed in /etc/shells. Under some circumstances, users which had their shell changed to /sbin/nologin could still access the system.

Vendor (1): Libpod Project
Product (1): Libpod
Updated: Nov 21, 2024 | Published: Jul 3, 2018
CVSS: v4 N/A | v3 8.8 HIGH | v2 6.5 MEDIUM
Description: It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.

Vendor (1): Redhat
Product (1): Openshift Container Platform
Updated: Nov 21, 2024 | Published: Jul 2, 2018
CVSS: v4 N/A | v3 8.8 HIGH | v2 9.0 HIGH
Description: source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user.

Vendor (1): Yxcms
Product (1): Yxcms
Updated: Nov 21, 2024 | Published: Jun 29, 2018
CVSS: v4 N/A | v3 4.9 MEDIUM | v2 5.5 MEDIUM
Description: protected/apps/admin/controller/photoController.php in YXcms 1.4.7 allows remote attackers to delete arbitrary files via the index.php?r=admin/photo/delpic picname parameter.

Vendor (1): Vertiv
Product (1): Liebert Intellislot Firmware
Updated: Nov 21, 2024 | Published: Jun 28, 2018
CVSS: v4 N/A | v3 7.5 HIGH | v2 5.0 MEDIUM
Description: Emerson Liebert IntelliSlot Web Card devices allow remote attackers to reconfigure access control via the config/configUser.htm or config/configTelnet.htm URI.

Vendor (1): Fortinet
Products (2): Fortianalyzer, Fortimanager
Updated: Nov 21, 2024 | Published: Jun 27, 2018
CVSS: v4 N/A | v3 6.5 MEDIUM | v2 4.0 MEDIUM
Description: An improper access control vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows a regular user to edit the avatar picture of other users with arbitrary content.

Vendor (1): Dell
Product (1): Emc Idrac Service Module
Updated: Nov 21, 2024 | Published: Jun 26, 2018
CVSS: v4 N/A | v3 6.5 MEDIUM | v2 4.0 MEDIUM
Description: Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1.0, v3.2.0, when started, changes the default file permission of the hosts file of the host operating system (/etc/hosts) to world writable. A malicious low privileged operating system user or process could modify the host file and potentially redirect traffic from the intended destination to sites hosting malicious or unwanted content.

Vendor (1): Corebos
Product (1): Corebos
Updated: Nov 21, 2024 | Published: Jun 26, 2018
CVSS: v4 N/A | v3 5.3 MEDIUM | v2 5.0 MEDIUM
Description: coreBOS version 7.0 and earlier contains an Incorrect Access Control vulnerability in the Contacts module that allows a user to access records for which they have no permissions.

Vendor (1): Wpulike
Product (1): Ulike
Updated: Nov 21, 2024 | Published: Jun 26, 2018
CVSS: v4 N/A | v3 7.5 HIGH | v2 5.5 MEDIUM
Description: WP ULike version 2.8.1, 3.1 contains an Incorrect Access Control vulnerability in its AJAX handling that allows anybody to delete any row in certain tables. The attack appears to be exploitable by an attacker making an AJAX request. This vulnerability appears to have been fixed in 3.2.

Vendor (1): Silkypress
Product (1): Image Zoom
Updated: Nov 21, 2024 | Published: Jun 26, 2018
CVSS: v4 N/A | v3 6.5 MEDIUM | v2 4.0 MEDIUM
Description: WP Image Zoom version 1.23 contains an Incorrect Access Control vulnerability in its AJAX settings that allows anybody to cause a denial of service. The attack can be triggered intentionally (or unintentionally via CSRF) by any logged-in user. This vulnerability appears to have been fixed in 1.24.

Vendor (1): Froxlor
Product (1): Froxlor
Updated: Nov 21, 2024 | Published: Jun 22, 2018
CVSS: v4 N/A | v3 7.5 HIGH | v2 5.0 MEDIUM
Description: Froxlor through 0.9.39.5 has Incorrect Access Control for tickets not owned by the current user.

Vendor (1): Phusion
Product (1): Passenger
Updated: Nov 21, 2024 | Published: Jun 21, 2018
CVSS: v4 N/A | v3 5.3 MEDIUM | v2 5.0 MEDIUM
Description: An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2. The set of groups (gidset) is not set correctly, leaving it up to randomness (i.e., uninitialized memory) which supplementary groups are actually being set while lowering privileges.

Vendor (1): Openwrt
Product (1): Openwrt
Updated: Nov 21, 2024 | Published: Jun 19, 2018
CVSS: v4 N/A | v3 8.8 HIGH | v2 6.5 MEDIUM
Description: OpenWrt mishandles access control in /etc/config/rpcd and the /usr/share/rpcd/acl.d files, which allows remote authenticated users to call arbitrary methods (i.e., achieve ubus access over HTTP) that were only supposed to be accessible to a specific user, as demonstrated by the file, log, and service namespaces, potentially leading to remote Information Disclosure or Code Execution. NOTE: The developer disputes this as a vulnerability, indicating that rpcd functions appropriately.

Vendor (1): Phusion
Product (1): Passenger
Updated: Nov 21, 2024 | Published: Jun 17, 2018
CVSS: v4 N/A | v3 7.8 HIGH | v2 6.8 MEDIUM
Description: An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malicious application, upon spawning a child process, to report an arbitrary different PID back to Passenger's process manager. If the malicious application then generates an error, it would cause Passenger's process manager to kill said reported arbitrary PID.

Vendor (1): Phusion
Product (1): Passenger
Updated: Nov 21, 2024 | Published: Jun 17, 2018
CVSS: v4 N/A | v3 8.8 HIGH | v2 6.5 MEDIUM
Description: An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of said socket are writable by a normal user that is not the application's user, then that non-application user can swap that directory with something else, resulting in traffic being redirected to a non-application user's process through an alternative Unix domain socket.

Vendor (1): Ecos
Product (1): System Management Appliance
Updated: Nov 21, 2024 | Published: Jun 17, 2018
CVSS: v4 N/A | v3 7.3 HIGH | v2 4.1 MEDIUM
Description: Incorrect access control in ECOS System Management Appliance (aka SMA) 5.2.68 allows a user to compromise authentication keys, and access and manipulate security relevant configurations, via unrestricted database access during Easy Enrollment.

Vendor (1): Expresscart Project
Product (1): Expresscart
Updated: Nov 21, 2024 | Published: Jun 15, 2018
CVSS: v4 N/A | v3 8.8 HIGH | v2 6.5 MEDIUM
Description: expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header.

Vendor (1): Microsoft
Products (7): Windows 10, Windows 7, Windows 8.1, +4 more
Updated: Nov 21, 2024 | Published: Jun 14, 2018
CVSS: v4 N/A | v3 7.0 HIGH | v2 6.9 MEDIUM
Description: An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Vendor (1): Microsoft
Products (2): Windows 10, Windows Server 2016
Updated: Nov 21, 2024 | Published: Jun 14, 2018
CVSS: v4 N/A | v3 7.0 HIGH | v2 6.9 MEDIUM
Description: An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

Vendor (1): Apollotechnologiesinc
Product (1): Momentum Axel 720p Firmware
Updated: Nov 21, 2024 | Published: Jun 12, 2018
CVSS: v4 N/A | v3 6.8 MEDIUM | v2 7.2 HIGH
Description: An issue was discovered on Momentum Axel 720P 5.1.8 devices. Root access can be obtained via UART pins without any restrictions, which leads to full system compromise.