VYPR

CWE-732

Incorrect Permission Assignment for Critical Resource

Abstraction: Class · Status: Draft · Likelihood of exploit: High

Description

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

When a resource is given a permission setting that grants access to a wider range of actors than required, sensitive information may be exposed, or the resource may be modified by unintended parties. This is especially dangerous when the resource governs program configuration or execution, or holds sensitive user data. For example, consider a cloud storage account misconfigured so that any public or anonymous user can read or write it.
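The POSIX file-mode form of this weakness, as an added example that is not part of the CWE entry: a credential file created under the process umask ends up 0644, so every local account can read it, while the corrected creation path sets the owner-only mode at creation time rather than with a later chmod. The policy thresholds, file names and token text below are assumptions made for the demonstration.

```python
import os
import stat
import tempfile

# Added example, not from the CWE entry: audit POSIX file modes on
# security-critical files and contrast the weak and hardened ways of creating
# one. The policy thresholds, file names and token text are assumptions made
# for this demonstration.

SECRET_MAX_MODE = 0o600   # private keys, tokens, credential files: owner rw only
CONFIG_MAX_MODE = 0o640   # service config: owner rw, group read, nothing for "other"


def excessive_bits(path, max_mode):
    """Permission bits on `path` beyond `max_mode`; 0 means the file is compliant."""
    mode = stat.S_IMODE(os.lstat(path).st_mode)   # lstat: do not follow a planted symlink
    return mode & ~max_mode


def audit(paths_and_policies):
    """Map each non-compliant path to its offending bits (e.g. 0o044 = group+other read)."""
    findings = {}
    for path, max_mode in paths_and_policies:
        extra = excessive_bits(path, max_mode)
        if extra:
            findings[path] = extra
    return findings


def write_with_umask(path, data):
    """The CWE-732 pattern: the mode is whatever the umask leaves, typically
    0644, so every local account can read the contents."""
    with open(path, "w") as f:
        f.write(data)


def write_owner_only(path, data):
    """Create the file with 0600 in the open() call itself. Write-then-chmod leaves
    a window in which the file is world-readable; O_EXCL refuses a path an attacker
    pre-planted (file or symlink); fchmod on the descriptor pins the final mode
    regardless of umask without re-resolving the path."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        os.fchmod(fd, 0o600)
        f.write(data)


def demo():
    """Create constructed files each way and return the audit findings per case."""
    old_umask = os.umask(0o022)   # the common default; makes umask-created files 0644
    try:
        with tempfile.TemporaryDirectory() as d:
            weak = os.path.join(d, "api_token.weak")
            good = os.path.join(d, "api_token.hardened")
            conf = os.path.join(d, "service.conf")
            token = "sk-constructed-sample-token-not-real\n"
            write_with_umask(weak, token)
            write_owner_only(good, token)
            write_with_umask(conf, "listen = 127.0.0.1:8443\n")
            return {
                "token_weak":     audit([(weak, SECRET_MAX_MODE)]),
                "token_hardened": audit([(good, SECRET_MAX_MODE)]),
                "config_default": audit([(conf, CONFIG_MAX_MODE)]),
            }
    finally:
        os.umask(old_umask)


if __name__ == "__main__":
    for case, findings in demo().items():
        for path, bits in findings.items():
            print(f"{case}: {path} has excess bits {oct(bits)}")
        if not findings:
            print(f"{case}: compliant")
```

The audit uses `lstat` so a symlink dropped at the audited path is reported on its own mode rather than on whatever it points to, and the hardened writer never calls `chmod` on a path string, only `fchmod` on the descriptor it already holds. The same two checks (mode at creation, no path re-resolution) apply to directories that hold secrets, not just the files inside them.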

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-1 · CAPEC-122 · CAPEC-127 · CAPEC-17 · CAPEC-180 · CAPEC-206 · CAPEC-234 · CAPEC-60 · CAPEC-61 · CAPEC-62 · CAPEC-642

CVEs mapped to this weakness (623)

page 13 of 32
  • CVE-2025-54546 · High · Oct 29, 2025
    risk 0.49 · CVSS 7.5 · EPSS 0.00

    On affected platforms, restricted users could use SSH port forwarding to access host-internal services

  • CVE-2025-41664 · High · Sep 8, 2025
    risk 0.49 · CVSS 7.5 · EPSS 0.00

    A low-privileged remote attacker could gain unauthorized access to critical resources, such as firmware and certificates, due to improper permission handling during the runtime of services (e.g., FTP/SFTP). This access could allow the attacker to escalate privileges and modify…

  • CVE-2025-0590 · High · Jan 20, 2025
    risk 0.49 · CVSS 7.5 · EPSS 0.00

    Improper permission settings for mobile applications (com.transsion.carlcare) may lead to information leakage risk.

  • CVE-2024-45497 · High · Dec 31, 2024
    risk 0.49 · CVSS 7.6 · EPSS 0.01

    A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for pulling images from…

  • CVE-2024-44729 · High · Oct 11, 2024
    risk 0.49 · CVSS 7.5 · EPSS 0.01

    Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226 allows unauthenticated attackers without presenter privileges to arbitrarily eject users from a meeting.

  • CVE-2024-29078 · High · May 28, 2024
    risk 0.49 · CVSS 7.5 · EPSS 0.00

    Incorrect permission assignment for critical resource issue exists in MosP kintai kanri V4.6.6 and earlier, which may allow a remote unauthenticated attacker with access to the product to alter the product settings.

  • CVE-2018-8848 · High · Sep 26, 2018
    risk 0.49 · CVSS 7.5 · EPSS 0.02

    Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software, upon installation, sets incorrect permissions for an object that exposes it to an unintended actor.

  • CVE-2018-15502 · High · Sep 12, 2018
    risk 0.49 · CVSS 7.5 · EPSS 0.01

    Insecure permissions in Lone Wolf Technologies loadingDOCS 2018-08-13 allow remote attackers to download any confidential files via https requests for predictable URLs.

  • CVE-2018-1000660 · High · Sep 6, 2018
    risk 0.49 · CVSS 7.5 · EPSS 0.01

    TOCK version prior to commit 42f7f36e74088036068d62253e1d8fb26605feed. For example dfde28196cd12071fcf6669f7654be7df482b85d contains an Insecure Permissions vulnerability in Function get_package_name in the file kernel/src/tbfheader.rs, variable "pub package_name: &'static str,"…

  • CVE-2018-15491 · High · Aug 18, 2018
    risk 0.49 · CVSS 7.5 · EPSS 0.01

    A vulnerability in the permission and encryption implementation of Zemana Anti-Logger 1.9.3.527 and prior (fixed in 1.9.3.602) allows an attacker to take control of the whitelisting feature (MyRules2.ini under %LOCALAPPDATA%\Zemana\ZALSDK) to permit execution of unauthorized…

  • CVE-2018-10869 · High · Jul 19, 2018
    risk 0.49 · CVSS 7.5 · EPSS 0.03

    redhat-certification does not properly restrict files that can be downloaded through the /download page. A remote attacker may download any file accessible by the user running httpd.

  • CVE-2018-12922 · High · Jun 28, 2018
    risk 0.49 · CVSS 7.5 · EPSS 0.02

    Emerson Liebert IntelliSlot Web Card devices allow remote attackers to reconfigure access control via the config/configUser.htm or config/configTelnet.htm URI.

  • CVE-2018-1000511 · High · Jun 26, 2018
    risk 0.49 · CVSS 7.5 · EPSS 0.01

    WP ULike version 2.8.1, 3.1 contains an Incorrect Access Control vulnerability in AJAX that allows anybody to delete any row in certain tables. This attack appears to be exploitable via an AJAX request made by the attacker. This vulnerability appears to have been fixed in…

  • CVE-2018-0982 · High · Jun 14, 2018
    risk 0.49 · CVSS 7.0 · EPSS 0.03

    An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

  • CVE-2018-1000072 · High · Mar 13, 2018
    risk 0.49 · CVSS 7.5 · EPSS 0.02

    iRedMail version prior to commit f04b8ef contains an Insecure Permissions vulnerability in Roundcube Webmail that can result in exfiltration of a user's password-protected secret GPG key file and other important configuration files. This attack appears to be exploitable via network…

  • CVE-2018-1000071 · High · Mar 13, 2018
    risk 0.49 · CVSS 7.5 · EPSS 0.02

    roundcube version 1.3.4 and earlier contains an Insecure Permissions vulnerability in the enigma plugin that can result in exfiltration of the GPG private key. This attack appears to be exploitable via network connectivity.

  • CVE-2018-0089 · High · Jan 18, 2018
    risk 0.49 · CVSS 7.5 · EPSS 0.01

    A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The attacker would…

  • CVE-2017-17568 · High · Dec 13, 2017
    risk 0.49 · CVSS 7.5 · EPSS 0.01

    Scubez Posty Readymade Classifieds has Incorrect Access Control for visiting admin/user_activate_submit.php (aka the backend PHP script), which might allow remote attackers to obtain sensitive information via a direct request.

  • CVE-2017-1000125 · High · Nov 17, 2017
    risk 0.49 · CVSS 7.5 · EPSS 0.01

    Codiad (full version) is vulnerable to writing arbitrary content to the configuration file during installation, resulting in the upload of a webshell.

  • CVE-2017-0845 · High · Nov 16, 2017
    risk 0.49 · CVSS 7.5 · EPSS 0.00

    A denial of service vulnerability in the Android framework (syncstorageengine). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35028827.
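The OpenShift entry above (CVE-2024-45497) is the Kubernetes form of this weakness: a hostPath volume hands a build container the node's own credential file. As an added example, not OpenShift's or Kubernetes' code, the following audit walks a pod spec and flags every container whose hostPath mount reaches a credential-bearing node file, whether the volume names the file itself or a parent directory of it. The sensitive-path list and the sample pod spec are constructed for the demonstration.

```python
# Added example, not OpenShift's or Kubernetes' own code: scan a pod spec for
# hostPath mounts that expose credential-bearing node files to a container.
# SENSITIVE_HOST_PREFIXES and SAMPLE_POD_SPEC are constructed for this demo.

SENSITIVE_HOST_PREFIXES = (
    "/var/lib/kubelet/config.json",      # the node's image-pull credentials
    "/var/lib/kubelet/pods",             # other pods' projected tokens and secret volumes
    "/etc/kubernetes",                   # kubeconfigs and PKI
    "/var/run/docker.sock",
    "/run/containerd/containerd.sock",
)


def _under(path, prefix):
    """True if `path` is `prefix` or lies inside it ('/etc/kubernetes-x' does not count)."""
    prefix = prefix.rstrip("/")
    return path == prefix or path.startswith(prefix + "/")


def effective_host_path(volume_path, sub_path):
    """subPath narrows a mount to one entry inside the volume's host directory."""
    if not sub_path:
        return volume_path.rstrip("/") or "/"
    return volume_path.rstrip("/") + "/" + sub_path.strip("/")


def hostpath_findings(pod_spec):
    """Return (container, mountPath, host_path) for every mount that reaches a
    sensitive node path, whether the hostPath names the file itself or a parent
    directory of it. initContainers are checked too."""
    host_volumes = {
        v["name"]: v["hostPath"]["path"]
        for v in pod_spec.get("volumes", [])
        if "hostPath" in v
    }
    findings = []
    containers = pod_spec.get("initContainers", []) + pod_spec.get("containers", [])
    for c in containers:
        for m in c.get("volumeMounts", []):
            base = host_volumes.get(m["name"])
            if base is None:
                continue                  # emptyDir, secret, configMap: not a host path
            host = effective_host_path(base, m.get("subPath"))
            if any(_under(host, p) or _under(p, host) for p in SENSITIVE_HOST_PREFIXES):
                findings.append((c["name"], m["mountPath"], host))
    return findings


SAMPLE_POD_SPEC = {   # constructed; shaped like the build-pod finding described above
    "volumes": [
        {"name": "node-pull-creds", "hostPath": {"path": "/var/lib/kubelet/config.json", "type": "File"}},
        {"name": "kubelet-root", "hostPath": {"path": "/var/lib/kubelet/"}},
        {"name": "workdir", "emptyDir": {}},
    ],
    "initContainers": [
        {"name": "prep", "volumeMounts": [
            {"name": "kubelet-root", "mountPath": "/host"},          # whole kubelet dir
        ]},
    ],
    "containers": [
        {"name": "docker-build", "volumeMounts": [
            {"name": "node-pull-creds", "mountPath": "/run/node-pull/config.json"},
            {"name": "workdir", "mountPath": "/tmp/build"},
        ]},
        {"name": "log-shipper", "volumeMounts": [
            {"name": "kubelet-root", "mountPath": "/kubelet-plugins", "subPath": "plugins"},
        ]},
    ],
}


if __name__ == "__main__":
    for container, mount, host in hostpath_findings(SAMPLE_POD_SPEC):
        print(f"{container}: {mount} <- hostPath {host}")
```

The parent-directory check matters because a hostPath of `/var/lib/kubelet` with no subPath exposes `config.json` just as surely as naming the file, and an initContainer is as capable of reading it as the main container. The remediation the description implies is not a narrower hostPath but no hostPath at all for credentials: a namespaced Secret holding only the pull credentials that particular build is entitled to, mounted as a secret volume.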