Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

CVEs (1,657)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-8933 1Amd 1Epyc Server Firmware Nov 21, 2024 Mar 22, 2018 N/A· v4 9.0 CRITICAL· v3 9.3 HIGH· v2 The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and FALLOUT-3.
CVE-2018-8932 1Amd 2Ryzen Firmware Ryzen Pro Firmware Nov 21, 2024 Mar 22, 2018 N/A· v4 9.0 CRITICAL· v3 9.3 HIGH· v2 The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4.
CVE-2018-8931 1Amd 3Ryzen Firmware Ryzen Mobile FirmwareRyzen Pro Firmware Nov 21, 2024 Mar 22, 2018 N/A· v4 9.0 CRITICAL· v3 9.3 HIGH· v2 The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1.
CVE-2018-1141 1Tenable 1Nessus Nov 21, 2024 Mar 20, 2018 N/A· v4 7.0 HIGH· v3 4.4 MEDIUM· v2 When installing Nessus to a directory outside of the default location, Nessus versions prior to 7.0.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had n...Show more When installing Nessus to a directory outside of the default location, Nessus versions prior to 7.0.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the installation location.Show less
CVE-2018-1197 1Pivotal Software 1Windows Stemcells Nov 21, 2024 Mar 19, 2018 N/A· v4 8.5 HIGH· v3 6.0 MEDIUM· v2 In Windows Stemcells versions prior to 1200.14, apps running inside containers in Windows on Google Cloud Platform are able to access the metadata endpoint. A malicious developer could use this access to gain privileged...Show more In Windows Stemcells versions prior to 1200.14, apps running inside containers in Windows on Google Cloud Platform are able to access the metadata endpoint. A malicious developer could use this access to gain privileged credentials.Show less
CVE-2018-1000132 2Debian Mercurial 2Debian Linux Mercurial Nov 21, 2024 Mar 14, 2018 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity....Show more Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1.Show less
CVE-2018-1386 1Ibm 1Tivoli Workload Scheduler Nov 21, 2024 Mar 14, 2018 N/A· v4 7.8 HIGH· v3 6.9 MEDIUM· v2 IBM Tivoli Workload Automation for AIX (IBM Workload Scheduler 8.6, 9.1, 9.2, 9.3, and 9.4) contains directories with improper permissions that could allow a local user to with special access to gain root privileges. IBM...Show more IBM Tivoli Workload Automation for AIX (IBM Workload Scheduler 8.6, 9.1, 9.2, 9.3, and 9.4) contains directories with improper permissions that could allow a local user to with special access to gain root privileges. IBM X-Force ID: 138208.Show less
CVE-2018-1000080 1Ajenti 1Ajenti Nov 21, 2024 Mar 13, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Ajenti version version 2 contains a Insecure Permissions vulnerability in Plugins download that can result in The download of any plugins as being a normal user. This attack appear to be exploitable via By knowing how th...Show more Ajenti version version 2 contains a Insecure Permissions vulnerability in Plugins download that can result in The download of any plugins as being a normal user. This attack appear to be exploitable via By knowing how the requisition is made, and sending it as a normal user, the server, in response, downloads the plugin.Show less
CVE-2018-1000072 1Iredmail 1Iredmail Nov 21, 2024 Mar 13, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 iRedMail version prior to commit f04b8ef contains a Insecure Permissions vulnerability in Roundcube Webmail that can result in Exfiltrate a user's password protected secret GPG key file and other important configuration...Show more iRedMail version prior to commit f04b8ef contains a Insecure Permissions vulnerability in Roundcube Webmail that can result in Exfiltrate a user's password protected secret GPG key file and other important configuration files.. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in Beta: 0.9.8-BETA1, Stable: 0.9.7.Show less
CVE-2018-1000071 1Roundcube 1Webmail Nov 21, 2024 Mar 13, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 roundcube version 1.3.4 and earlier contains an Insecure Permissions vulnerability in enigma plugin that can result in exfiltration of gpg private key. This attack appear to be exploitable via network connectivity.
CVE-2018-6623 1Hola 1Vpn Nov 21, 2024 Mar 12, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in Hola 1.79.859. An unprivileged user could modify or overwrite the executable with arbitrary code, which would be executed the next time the service is started. Depending on the user that the se...Show more An issue was discovered in Hola 1.79.859. An unprivileged user could modify or overwrite the executable with arbitrary code, which would be executed the next time the service is started. Depending on the user that the service runs as, this could result in privilege escalation. The issue exists because of the SERVICE_ALL_ACCESS access right for the hola_svc and hola_updater services.Show less
CVE-2017-18226 1Jabberd2 1Jabberd2 Nov 21, 2024 Mar 12, 2018 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file mo...Show more The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "kill -TERM `cat /var/run/jabber/filename.pid`" command.Show less
CVE-2017-18225 1Jabberd2 1Jabberd2 Nov 21, 2024 Mar 12, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s, and jabberd2-sm in /usr/bin owned by the jabber account, which might allow local users to gain privileges by...Show more The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s, and jabberd2-sm in /usr/bin owned by the jabber account, which might allow local users to gain privileges by leveraging access to this account and then waiting for root to execute one of these programs.Show less
CVE-2018-7581 1Weblogexpert 1Weblog Expert Nov 21, 2024 Mar 9, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 \ProgramData\WebLog Expert\WebServer\WebServer.cfg in WebLog Expert Web Server Enterprise 9.4 has weak permissions (BUILTIN\Users:(ID)C), which allows local users to set a cleartext password and login as admin.
CVE-2018-1069 1Redhat 1Openshift Nov 21, 2024 Mar 9, 2018 N/A· v4 7.1 HIGH· v3 5.4 MEDIUM· v2 Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could override the UserId and GroupId for GlusterFS and NFS to read and write any data on t...Show more Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could override the UserId and GroupId for GlusterFS and NFS to read and write any data on the network filesystem.Show less
CVE-2018-5313 1Rapidscada 1Rapid Scada Nov 21, 2024 Mar 8, 2018 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. The specific flaw exists within the access control that is set and modified during the installation...Show more A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM.Show less
CVE-2017-6928 2Debian Drupal 2Debian Linux Drupal Nov 21, 2024 Mar 1, 2018 N/A· v4 5.3 MEDIUM· v3 3.5 LOW· v2 Drupal core 7.x versions before 7.57 when using Drupal's private file system, Drupal will check to make sure a user has access to a file before allowing the user to view or download it. This check fails under certain con...Show more Drupal core 7.x versions before 7.57 when using Drupal's private file system, Drupal will check to make sure a user has access to a file before allowing the user to view or download it. This check fails under certain conditions in which one module is trying to grant access to the file and another is trying to deny it, leading to an access bypass vulnerability. This vulnerability is mitigated by the fact that it only occurs for unusual site configurations.Show less
CVE-2017-9268 1Opensuse 1Open Build Service Nov 21, 2024 Mar 1, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 In the open build service before 201707022 the wipetrigger and rebuild actions checked the wrong project for permissions, allowing authenticated users to cause operations on projects where they did not have permissions l...Show more In the open build service before 201707022 the wipetrigger and rebuild actions checked the wrong project for permissions, allowing authenticated users to cause operations on projects where they did not have permissions leading to denial of service (resource consumption).Show less
CVE-2018-1417 1Ibm 1Java Sdk Nov 21, 2024 Feb 22, 2018 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.
CVE-2018-7408 1Npmjs 1Npm Nov 21, 2024 Feb 22, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of...Show more An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of pre-release status). It might allow local users to bypass intended filesystem access restrictions because ownerships of /etc and /usr directories are being changed unexpectedly, related to a "correctMkdir" issue.Show less

Previous 1...757677...83 Next