CWE-732
Incorrect Permission Assignment for Critical Resource
Description
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
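The two commonest shapes of this weakness in the CVE list below are a sensitive file created under the process's default umask (so it ends up group- or world-readable, as in the tripleo-ansible and setup-kubectl entries) and an application that never checks who is calling a privileged operation. The following Python is an added example, not code from this page or from any of the listed projects; it assumes a POSIX host (Linux or macOS) and shows the umask-dependent write beside the hardened one, plus a small audit that flags files granting any access to group or other:

```python
import os
import stat
import tempfile

# Any permission bit for group or other: the file is readable/writable
# by actors other than its owner.
WORLD_OR_GROUP_BITS = stat.S_IRWXG | stat.S_IRWXO


def write_secret_insecure(path: str, secret: bytes) -> None:
    """CWE-732 pattern: mode is left to the umask. With the common
    umask 022 the file is created 0644, i.e. world-readable."""
    with open(path, "wb") as fh:
        fh.write(secret)


def write_secret_hardened(path: str, secret: bytes) -> None:
    """Set an owner-only mode at creation time (no race window in which
    the file is briefly readable), refuse a pre-existing path (O_EXCL)
    and never follow a planted symlink (O_NOFOLLOW where available)."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(secret)


def audit_permissions(root: str):
    """Return sorted (relative_path, mode) pairs for regular files under
    root whose mode grants anything to group or other."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)  # lstat: do not follow symlinks
            if not stat.S_ISREG(st.st_mode):
                continue
            if st.st_mode & WORLD_OR_GROUP_BITS:
                findings.append((os.path.relpath(full, root), stat.S_IMODE(st.st_mode)))
    return sorted(findings)


def demo():
    """Constructed scenario: write the same secret both ways into a fresh
    directory under umask 022, audit it, and confirm the hardened writer
    refuses to overwrite an already-present file."""
    old_umask = os.umask(0o022)  # typical default on Linux systems
    try:
        with tempfile.TemporaryDirectory() as d:
            write_secret_insecure(os.path.join(d, "token.insecure"), b"s3cr3t")
            hardened = os.path.join(d, "token.hardened")
            write_secret_hardened(hardened, b"s3cr3t")
            try:
                write_secret_hardened(hardened, b"attacker-supplied")
                refused = False
            except FileExistsError:
                refused = True
            return audit_permissions(d), refused
    finally:
        os.umask(old_umask)


if __name__ == "__main__":
    findings, refused = demo()
    for rel, mode in findings:
        print(f"{rel}: mode {mode:04o} grants access beyond the owner")
    print("pre-existing path refused:", refused)
```

Only `token.insecure` is reported: `open()` with no explicit mode yields 0644 under umask 022, while `os.open(..., 0o600)` yields 0600 regardless of umask. The same audit logic, pointed at a deployment directory or a CI runner's temp area, is the check a practitioner would run to catch the file-permission variants of this weakness before an attacker does.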
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-1 · CAPEC-122 · CAPEC-127 · CAPEC-17 · CAPEC-180 · CAPEC-206 · CAPEC-234 · CAPEC-60 · CAPEC-61 · CAPEC-62 · CAPEC-642
CVEs mapped to this weakness (623)
Page 28 of 32

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-3101 | — | — | 0.00 | — | 0.00 | — | Mar 23, 2023 | A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to… |
| CVE-2023-27095 | — | — | 0.00 | — | 0.01 | — | Mar 16, 2023 | Insecure Permissions vulnerability found in OpenGoofy Hippo4j v.1.4.3 allows attacker to escalate privileges via the AddUser method of the UserController function in Tenant Management module. |
| CVE-2023-23939 | — | — | 0.00 | — | 0.00 | — | Mar 6, 2023 | Azure/setup-kubectl is a GitHub Action for installing Kubectl. This vulnerability only impacts versions before version 3. An insecure temporary creation of a file allows other actors on the Actions runner to replace the Kubectl binary created by this action because it is world… |
| CVE-2021-37306 | — | — | 0.00 | — | 0.01 | — | Feb 3, 2023 | An Insecure Permissions issue in jeecg-boot 2.4.5 and earlier allows remote attackers to gain escalated privilege and view sensitive information via api uri:/sys/user/checkOnlyUser?username=admin. |
| CVE-2022-42949 | — | — | 0.00 | — | 0.01 | — | Dec 20, 2022 | Silverstripe silverstripe/subsites through 2.6.0 has Insecure Permissions. |
| CVE-2022-39284 | — | — | 0.00 | — | 0.01 | — | Oct 6, 2022 | CodeIgniter is a PHP full-stack web framework. In versions prior to 4.2.7 setting `$secure` or `$httponly` value to `true` in `Config\Cookie` is not reflected in `set_cookie()` or `Response::setCookie()`. As a result cookie values are erroneously exposed to scripts. It should be… |
| CVE-2022-32169 | — | — | 0.00 | — | 0.01 | — | Sep 28, 2022 | The “Bytebase” application does not restrict low-privilege users from accessing “admin issues”, so an unauthorized user can view the “OPEN” and “CLOSED” issues created by “Admin”; the affected endpoint is “/issue”. |
| CVE-2022-39219 | — | — | 0.00 | — | 0.01 | — | Sep 26, 2022 | Bifrost is a middleware package which can synchronize MySQL/MariaDB binlog data to other types of databases. Versions 1.8.6-release and prior are vulnerable to authentication bypass when using HTTP basic authentication. This may allow group members who only have read permissions… |
| CVE-2022-2995 | — | — | 0.00 | — | 0.00 | — | Sep 19, 2022 | Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and… |
| CVE-2022-36103 | — | — | 0.00 | — | 0.01 | — | Sep 13, 2022 | Talos Linux is a Linux distribution built for Kubernetes deployments. Talos worker nodes use a join token to get accepted into the Talos cluster. Due to improper validation of the request while signing a worker node CSR (certificate signing request) Talos control plane node… |
| CVE-2022-37435 | — | — | 0.00 | — | 0.01 | — | Sep 1, 2022 | Apache ShenYu Admin has insecure permissions, which may allow low-privilege administrators to modify high-privilege administrators' passwords. This issue affects Apache ShenYu 2.4.2 and 2.4.3. |
| CVE-2022-38183 | — | — | 0.00 | — | 0.01 | — | Aug 12, 2022 | In Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea (there was no permission check for fetching the issue). As a result, the attacker would get access to… |
| CVE-2022-34112 | — | — | 0.00 | — | 0.01 | — | Jul 22, 2022 | An access control issue in the component /api/plugin/uninstall of Dataease v1.11.1 allows attackers to arbitrarily uninstall plugins, a right normally reserved for the administrator. |
| CVE-2022-29405 | — | — | 0.00 | — | 0.02 | — | May 25, 2022 | In Apache Archiva, any registered user can reset the password of any user. This is fixed in Archiva 2.2.8. |
| CVE-2022-1810 | — | — | 0.00 | — | 0.01 | — | May 23, 2022 | Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9. |
| CVE-2022-28056 | — | — | 0.00 | — | 0.01 | — | May 2, 2022 | ShopXO v2.2.5 and below was discovered to contain a system re-install vulnerability via the Add function in app/install/controller/Index.php. |
| CVE-2022-24872 | — | — | 0.00 | — | 0.01 | — | Apr 20, 2022 | Shopware is an open commerce platform based on Symfony Framework and Vue. Permissions set to sales channel context by admin-api are still usable within normal user session. Users are advised to update to the current version 6.4.10.1. For older versions of 6.1, 6.2, and 6.3,… |
| CVE-2022-28137 | — | — | 0.00 | — | 0.01 | — | Mar 29, 2022 | A missing permission check in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. |
| CVE-2022-22941 | — | — | 0.00 | — | 0.01 | — | Mar 29, 2022 | An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisher_acl, if a user configured in the publisher_acl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no… |
| CVE-2022-24769 | — | — | 0.00 | — | 0.00 | — | Mar 24, 2022 | Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby (Docker Engine) prior to version 20.10.14 where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an… |