Vulnerabilities > Incorrect Default Permissions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-27 | CVE-2023-4065 | Incorrect Default Permissions vulnerability in Redhat products A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in the Operator Log. | 5.5 |
2023-09-22 | CVE-2022-4039 | Incorrect Default Permissions vulnerability in Redhat products A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. | 9.8 |
2023-09-21 | CVE-2023-42261 | Incorrect Default Permissions vulnerability in Opensecurity Mobile Security Framework Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. | 7.5 |
2023-09-20 | CVE-2023-43496 | Incorrect Default Permissions vulnerability in Jenkins Jenkins 2.423 and earlier, LTS 2.414.1 and earlier creates a temporary file in the system temporary directory with the default permissions for newly created files when installing a plugin from a URL, potentially allowing attackers with access to the system temporary directory to replace the file before it is installed in Jenkins, potentially resulting in arbitrary code execution. | 8.8 |
2023-09-20 | CVE-2023-5042 | Incorrect Default Permissions vulnerability in Acronis Cyber Protect Home Office Sensitive information disclosure due to insecure folder permissions. | 7.5 |
2023-09-20 | CVE-2023-4088 | Incorrect Default Permissions vulnerability in Mitsubishielectric GX Works3 Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation multiple FA engineering software products allows a malicious local attacker to execute malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition, if the product is installed in a folder other than the default installation folder. | 7.8 |
2023-09-15 | CVE-2022-3466 | Incorrect Default Permissions vulnerability in multiple products The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10.12 via RHBA-2022:5433 and RHSA-2022:1600. | 5.3 |
2023-09-12 | CVE-2023-37878 | Incorrect Default Permissions vulnerability in Wftpserver Wing FTP Server Insecure default permissions in Wing FTP Server (Admin Web Client) allow for privilege escalation. This issue affects Wing FTP Server: <= 7.2.0. | 8.8 |
2023-09-11 | CVE-2023-31067 | Incorrect Default Permissions vulnerability in Tsplus Remote Access 16.0.0.0/16.0.2.14 An issue was discovered in TSplus Remote Access through 16.0.2.14. | 9.8 |
2023-09-11 | CVE-2023-31068 | Incorrect Default Permissions vulnerability in Tsplus Remote Access 16.0.0.0 An issue was discovered in TSplus Remote Access through 16.0.2.14. | 9.8 |