VYPR

CWE-732

Incorrect Permission Assignment for Critical Resource

Abstraction: Class · Status: Draft · Likelihood of exploit: High

Description

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

When a resource is given a permission setting that grants access to a wider set of actors than it needs, the result can be exposure of sensitive information or modification of the resource by unintended parties. This is especially dangerous when the resource holds program configuration, executable code, or sensitive user data. Typical instances on this page are a world-readable secret store, a file or PTY that is created with a permissive mode and only tightened afterwards, and an API endpoint or cloud storage account on which no ACL is applied at all, so that it can be read or written by a public or anonymous user.
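The filesystem form of this weakness, as an added example that is not part of the CWE entry or of any product listed below: a secrets file written with the process umask and then "normalised" to 0o644 like the rest of the config, beside the hardened pattern that makes the restrictive mode part of the create call, plus a small audit that flags the over-broad bits. The file name, its contents and the temporary directory are constructed for the example.

```python
"""Added example for CWE-732: over-broad file permissions on a secret,
the create-then-chmod window, and a permission audit.  Not the page's or
any listed project's code; paths and secret contents are constructed."""
import os
import stat
import tempfile

SECRET = "api_token=constructed-sample-token\n"  # constructed sample data


def write_secret_insecure(path: str) -> None:
    """Vulnerable pattern (CWE-732).

    open() creates the file as 0o666 & ~umask, typically 0o644, so the
    secret is world-readable from the moment it exists.  The later chmod
    (copied from how ordinary config files are installed) keeps it that way.
    """
    with open(path, "w") as fh:
        fh.write(SECRET)
    os.chmod(path, 0o644)  # "same as the other config files"


def write_secret_secure(path: str) -> None:
    """Hardened pattern.

    The restrictive mode is passed to the create call, so there is no window
    in which the file exists with wider permissions.  O_EXCL refuses to reuse
    a file or symlink another local user may have planted at the path.
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    try:
        # umask can only remove bits; fchmod before writing guarantees 0o600
        # even under an unusual umask, and applies to the open descriptor,
        # not to whatever the path may point at later.
        os.fchmod(fd, 0o600)
        with os.fdopen(fd, "w") as fh:
            fh.write(SECRET)
    except Exception:
        os.close(fd)
        raise


def audit(path: str, allow_group: bool = False) -> list[str]:
    """Return the over-broad permission bits on a path, as short findings.

    Mirrors the checks behind several CVEs on this page: world-readable
    secret stores, world-writable files, group access on a per-user secret,
    and world-writable directories that lack the sticky bit.
    """
    st = os.lstat(path)
    mode = stat.S_IMODE(st.st_mode)
    findings: list[str] = []
    if mode & stat.S_IROTH:
        findings.append("world-readable")
    if mode & stat.S_IWOTH:
        findings.append("world-writable")
    if not allow_group and mode & (stat.S_IRGRP | stat.S_IWGRP):
        findings.append("group-accessible")
    if stat.S_ISDIR(st.st_mode) and mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
        findings.append("world-writable directory without sticky bit")
    return findings


def demo() -> dict[str, list[str]]:
    """Write the secret both ways into a fresh temp dir and audit each file."""
    with tempfile.TemporaryDirectory() as d:
        bad = os.path.join(d, "creds.insecure")   # constructed path
        good = os.path.join(d, "creds.secure")    # constructed path
        write_secret_insecure(bad)
        write_secret_secure(good)
        return {"insecure": audit(bad), "secure": audit(good)}


if __name__ == "__main__":
    for name, findings in demo().items():
        print(f"{name}: {findings or 'ok'}")
```

The audit deliberately inspects the actual mode bits rather than the mode the code intended to set; on a real host the same function run over a service's config directory, its runtime socket directory and any temp directory it uses is the check that would have caught the world-readable shadow file, the 0o666 PTY and the SYSTEM-writable temp path in the entries below.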

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-1 · CAPEC-122 · CAPEC-127 · CAPEC-17 · CAPEC-180 · CAPEC-206 · CAPEC-234 · CAPEC-60 · CAPEC-61 · CAPEC-62 · CAPEC-642

CVEs mapped to this weakness (623)

page 19 of 32
  • CVE-2017-15611 · Medium · Oct 19, 2017
    risk 0.42 · cvss 6.5 · epss 0.01

    In Octopus before 3.17.7, an authenticated user who was explicitly granted the permission to invite new users (aka UserInvite) can invite users to teams with escalated privileges.

  • CVE-2017-1000095 · Medium · Oct 5, 2017
    risk 0.42 · cvss 6.5 · epss 0.01

    The default whitelist included the following unsafe entries: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). These allowed circumventing many of the access restrictions implemented in the script sandbox by using e.g.…

  • CVE-2017-9792 · Medium · Oct 4, 2017
    risk 0.42 · cvss 6.5 · epss 0.02

    In Apache Impala (incubating) before 2.10.0, a malicious user with "ALTER" permissions on an Impala table can access any other Kudu table data by altering the table properties to make it "external" and then changing the underlying table mapping to point to other Kudu tables.…

  • CVE-2017-11437 · Medium · Aug 2, 2017
    risk 0.42 · cvss 6.5 · epss 0.01

    GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, and 9.3.8 allows an authenticated user with the ability to create a project to use the mirroring feature to potentially read repositories belonging to other users.

  • CVE-2017-0883 · Medium · Apr 5, 2017
    risk 0.42 · cvss 6.4 · epss 0.01

    Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission increase on re-sharing via OCS API issue. A permission related issue within the OCS sharing API allowed an authenticated adversary to reshare shared files with an increasing permission set. This may allow an…

  • CVE-2026-2254 · Medium · May 27, 2026
    risk 0.41 · cvss 6.3 · epss 0.00

    Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6 and 11.0.0.0, including 9.3.x and 8.3.x, do not apply ACLs on certain API endpoints related to platform mail notifications.

  • CVE-2024-30208 · Medium · May 14, 2024
    risk 0.41 · cvss 6.3 · epss 0.00

    A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating…

  • CVE-2026-33430 · High · Mar 26, 2026
    risk 0.40 · cvss 7.3 · epss 0.00

    Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce a Windows MSI installer for a project, and that project is installed for All Users (i.e.,…

  • CVE-2025-0758 · Medium · Apr 16, 2025
    risk 0.40 · cvss 6.1 · epss 0.00

    Overview: The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. (CWE-732) Description: Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.2.0.2,…

  • CVE-2024-2905 · Medium · Apr 25, 2024
    risk 0.40 · cvss 6.2 · epss 0.00

    A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive…

  • CVE-2024-29187 · High · Mar 24, 2024
    risk 0.40 · cvss 7.3 · epss 0.00

    WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to drop and load multiple binaries. Standard users can hijack the…

  • CVE-2024-23223 · Medium · Jan 23, 2024
    risk 0.40 · cvss 6.2 · epss 0.00

    A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. An app may be able to access sensitive user data.

  • CVE-2026-20092 · Medium · Jan 21, 2026
    risk 0.39 · cvss 6.0 · epss 0.00

    A vulnerability in the read-only maintenance shell of Cisco Intersight Virtual Appliance could allow an authenticated, local attacker with administrative privileges to elevate privileges to root on the virtual appliance. This vulnerability is due to improper file permissions…

  • CVE-2025-12148 · Medium · Oct 29, 2025
    risk 0.39 · cvss n/a · epss 0.00

    In Search Guard versions 3.1.1 and earlier, Field Masking (FM) rules are improperly enforced on fields of type IP (IP Address). While the content of these fields is properly redacted in the _source document returned by search operations, the results do return documents (hits)…

  • CVE-2025-12147 · Medium · Oct 29, 2025
    risk 0.39 · cvss n/a · epss 0.00

    In Search Guard FLX versions 3.1.1 and earlier, Field-Level Security (FLS) rules are improperly enforced on object-valued fields. When an FLS exclusion rule (e.g., ~field) is applied to a field which contains an object as its value, the object is correctly removed from the…

  • CVE-2025-46802 · Medium · May 26, 2025
    risk 0.39 · cvss 6.0 · epss 0.00

    For a short time the PTY is set to mode 666, allowing any user on the system to connect to the screen session.

  • CVE-2026-0271 · Medium · Jun 10, 2026
    risk 0.38 · cvss n/a · epss 0.00

    A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to execute code with elevated privileges. This does not impact Prisma Access Agent on Windows, macOS, iOS, Android, or ChromeOS.

  • CVE-2026-45726 · High · Jun 5, 2026
    risk 0.38 · cvss n/a · epss 0.00

    Summary: Omni supports importing standalone Talos clusters. During this process, an ImportedClusterSecrets resource is created, which contains the full CA secrets bundle for the cluster being imported. If these secrets are not rotated by the importing actor, an…

  • CVE-2025-24009 · Medium · May 13, 2025
    risk 0.38 · cvss 5.9 · epss 0.00

    A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions), SIRIUS Safety Relays 3SK2 (All versions). The affected devices do not require authentication to access critical resources. An attacker with network access could retrieve sensitive…

  • CVE-2024-8256 · Medium · Dec 10, 2024
    risk 0.38 · cvss n/a · epss 0.00

    In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (excluding) and TSWOS devices running on versions 1.0 to 1.3 (excluding), due to incorrect permission handling a vulnerability exists which allows a lower privileged user with default permissions to access…