Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

CVEs (1,663)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-42115 1Businessdnasolutions 1Topease Nov 21, 2024 Nov 30, 2021 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 Missing HTTPOnly flag in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 allows an unauthenticated remote attacker to escalate privileges from unauthenticated to authentica...Show more Missing HTTPOnly flag in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 allows an unauthenticated remote attacker to escalate privileges from unauthenticated to authenticated user via stealing and injecting the session- independent and static cookie UID.Show less
CVE-2021-24703 1Metagauss 1Download Plugin Nov 21, 2024 Nov 23, 2021 N/A· v4 5.7 MEDIUM· v3 3.5 LOW· v2 The Download Plugin WordPress plugin before 1.6.1 does not have capability and CSRF checks in the dpwap_plugin_activate AJAX action, allowing any authenticated users, such as subscribers, to activate plugins that are alr...Show more The Download Plugin WordPress plugin before 1.6.1 does not have capability and CSRF checks in the dpwap_plugin_activate AJAX action, allowing any authenticated users, such as subscribers, to activate plugins that are already installed.Show less
CVE-2021-43019 1Adobe 1Creative Cloud Desktop Application Nov 21, 2024 Nov 23, 2021 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation vulnerability in the resources leveraged by the Setup.exe service. An unauthenticated attacker could leverage this vulnerability to re...Show more Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation vulnerability in the resources leveraged by the Setup.exe service. An unauthenticated attacker could leverage this vulnerability to remove files and escalate privileges under the context of SYSTEM . An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability on the product installer. User interaction is required before product installation to abuse this vulnerability.Show less
CVE-2021-39235 1Apache 1Ozone Nov 21, 2024 Nov 19, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 In Apache Ozone before 1.2.0, Ozone Datanode doesn't check the access mode parameter of the block token. Authenticated users with valid READ block token can do any write operation on the same block.
CVE-2021-0064 1Intel 127265 Firmware Ac 3165 FirmwareAc 3168 Firmware+9 more Nov 21, 2024 Nov 17, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Insecure inherited permissions in the Intel(R) PROSet/Wireless WiFi software installer for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2021-33094 1Intel 1Nuc M15 Laptop Kit Keyboard Led Service Driver Pack Nov 21, 2024 Nov 17, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Insecure inherited permissions in the installer for the Intel(R) NUC M15 Laptop Kit Keyboard LED Service driver pack before version 1.0.0.4 may allow an authenticated user to potentially enable escalation of privilege vi...Show more Insecure inherited permissions in the installer for the Intel(R) NUC M15 Laptop Kit Keyboard LED Service driver pack before version 1.0.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access.Show less
CVE-2021-33093 1Intel 1Nuc M15 Laptop Kit Serial Io Driver Pack Nov 21, 2024 Nov 17, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Insecure inherited permissions in the installer for the Intel(R) NUC M15 Laptop Kit Serial IO driver pack before version 30.100.2104.1 may allow an authenticated user to potentially enable escalation of privilege via loc...Show more Insecure inherited permissions in the installer for the Intel(R) NUC M15 Laptop Kit Serial IO driver pack before version 30.100.2104.1 may allow an authenticated user to potentially enable escalation of privilege via local access.Show less
CVE-2021-33091 1Intel 1Nuc M15 Laptop Kit Audio Driver Pack Nov 21, 2024 Nov 17, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Insecure inherited permissions in the installer for the Intel(R) NUC M15 Laptop Kit audio driver pack before version 1.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2021-42955 1Zohocorp 1Manageengine Remote Access Plus Nov 21, 2024 Nov 17, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Zoho Remote Access Plus Server Windows Desktop binary fixed in version 10.1.2132 is affected by an unauthorized password reset vulnerability. Because of the designed password reset mechanism, any non-admin Windows user c...Show more Zoho Remote Access Plus Server Windows Desktop binary fixed in version 10.1.2132 is affected by an unauthorized password reset vulnerability. Because of the designed password reset mechanism, any non-admin Windows user can reset the password of the Remote Access Plus Server Admin account.Show less
CVE-2021-42954 1Zohocorp 1Manageengine Remote Access Plus Nov 21, 2024 Nov 17, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Zoho Remote Access Plus Server Windows Desktop Binary fixed from 10.1.2121.1 is affected by incorrect access control. The installation directory is vulnerable to weak file permissions by allowing full control for Windows...Show more Zoho Remote Access Plus Server Windows Desktop Binary fixed from 10.1.2121.1 is affected by incorrect access control. The installation directory is vulnerable to weak file permissions by allowing full control for Windows Everyone user group (non-admin or any guest users), thereby allowing privilege escalation, unauthorized password reset, stealing of sensitive data, access to credentials in plaintext, access to registry values, tampering with configuration files, etc.Show less
CVE-2020-4146 1Ibm 1Security Siteprotector System Nov 21, 2024 Nov 12, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 IBM Security SiteProtector System 3.1.1 could allow a remote attacker to obtain sensitive information, caused by missing 'HttpOnly' flag. A remote attacker could exploit this vulnerability to obtain sensitive information...Show more IBM Security SiteProtector System 3.1.1 could allow a remote attacker to obtain sensitive information, caused by missing 'HttpOnly' flag. A remote attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 174129.Show less
CVE-2021-37207 1Siemens 1Sentron Powermanager 3 Nov 21, 2024 Nov 9, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A vulnerability has been identified in SENTRON powermanager V3 (All versions). The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticate...Show more A vulnerability has been identified in SENTRON powermanager V3 (All versions). The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.Show less
CVE-2021-41170 1Neoan 1Neoan3 Template Nov 21, 2024 Nov 8, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 neoan3-apps/template is a neoan3 minimal template engine. Versions prior to 1.1.1 have allowed for passing in closures directly into the template engine. As a result values that are callable are executed by the template...Show more neoan3-apps/template is a neoan3 minimal template engine. Versions prior to 1.1.1 have allowed for passing in closures directly into the template engine. As a result values that are callable are executed by the template engine. The issue arises if a value has the same name as a method or function in scope and can therefore be executed either by mistake or maliciously. In theory all users of the package are affected as long as they either deal with direct user input or database values. A multi-step attack on is therefore plausible. Version 1.1.1 has addressed this vulnerability. Unfortunately only working with hardcoded values is safe in prior versions. As this likely defeats the purpose of a template engine, please upgrade.Show less
CVE-2021-20526 1Ibm 1Planning Analytics Nov 21, 2024 Oct 27, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information...Show more IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 198755.Show less
CVE-2021-41589 1Gradle 2Build Cache Node Enterprise Nov 21, 2024 Oct 27, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In Gradle Enterprise before 2021.3 (and Enterprise Build Cache Node before 10.0), there is potential cache poisoning and remote code execution when running the build cache node with its default configuration. This config...Show more In Gradle Enterprise before 2021.3 (and Enterprise Build Cache Node before 10.0), there is potential cache poisoning and remote code execution when running the build cache node with its default configuration. This configuration allows anonymous access to the configuration user interface and anonymous write access to the build cache. If access control to the build cache is not changed from the default open configuration, a malicious actor with network access can populate the cache with manipulated entries that may execute malicious code as part of a build process. This applies to the build cache provided with Gradle Enterprise and the separate build cache node service if used. If access control to the user interface is not changed from the default open configuration, a malicious actor can undo build cache access control in order to populate the cache with manipulated entries that may execute malicious code as part of a build process. This does not apply to the build cache provided with Gradle Enterprise, but does apply to the separate build cache node service if used.Show less
CVE-2021-37364 1Openclinic Ga Project 1Openclinic Ga Nov 21, 2024 Oct 26, 2021 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 OpenClinic GA 5.194.18 is affected by Insecure Permissions. By default the Authenticated Users group has the modify permission to openclinic folders/files. A low privilege account is able to rename mysqld.exe or tomcat8....Show more OpenClinic GA 5.194.18 is affected by Insecure Permissions. By default the Authenticated Users group has the modify permission to openclinic folders/files. A low privilege account is able to rename mysqld.exe or tomcat8.exe files located in bin folders and replace with a malicious file that would connect back to an attacking computer giving system level privileges (nt authority\system) due to the service running as Local System. While a low privilege user is unable to restart the service through the application, a restart of the computer triggers the execution of the malicious file. The application also have unquoted service path issues.Show less
CVE-2021-40343 1Nagios 1Nagios Xi Nov 21, 2024 Oct 26, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An issue was discovered in Nagios XI 5.8.5. Insecure file permissions on the nagios_unbundler.py file allow the nagios user to elevate their privileges to the root user.
CVE-2021-38475 1Auvesy 1Versiondog Nov 21, 2024 Oct 22, 2021 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 The database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permissions.
CVE-2020-14263 1Hcltech 1Traveler Companion Nov 21, 2024 Oct 21, 2021 N/A· v4 3.9 LOW· v3 2.1 LOW· v2 "HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the included MobileIron AppConnect SDK"
CVE-2021-31377 1Juniper 1Junos Nov 21, 2024 Oct 19, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An Incorrect Permission Assignment for Critical Resource vulnerability of a certain file in the filesystem of Junos OS allows a local authenticated attacker to cause routing process daemon (RPD) to crash and restart, cau...Show more An Incorrect Permission Assignment for Critical Resource vulnerability of a certain file in the filesystem of Junos OS allows a local authenticated attacker to cause routing process daemon (RPD) to crash and restart, causing a Denial of Service (DoS). Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S7; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R1-S1, 20.4R2.Show less

Previous 1...394041...84 Next