Vulnerabilities > Incorrect Default Permissions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-20 | CVE-2023-20043 | Incorrect Default Permissions vulnerability in Cisco CX Cloud Agent A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. | 6.7 |
2023-01-17 | CVE-2020-36611 | Incorrect Default Permissions vulnerability in Hitachi Tuning Manager Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00. | 7.1 |
2022-12-22 | CVE-2022-29909 | Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. | 8.8 |
2022-12-20 | CVE-2022-47551 | Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. | 6.5 |
2022-12-13 | CVE-2022-20611 | Incorrect Default Permissions vulnerability in Google Android In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. | 7.8 |
2022-12-12 | CVE-2022-42446 | Incorrect Default Permissions vulnerability in Hcltech Sametime 12.0 Starting with Sametime 12, anonymous users are enabled by default. | 6.5 |
2022-12-08 | CVE-2022-45118 | Incorrect Default Permissions vulnerability in Openharmony 3.1/3.1.1/3.1.2 OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. | 5.5 |
2022-12-06 | CVE-2022-46382 | Incorrect Default Permissions vulnerability in Rackn Digital Rebar RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has Insecure Permissions. | 8.8 |
2022-12-02 | CVE-2022-45562 | Incorrect Default Permissions vulnerability in Telosalliance Omnia MPX Node Firmware 1.0.0/1.4.9 Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to v1.4.9 allow attackers to manipulate and access system settings with backdoor account low privilege, this can lead to change hardware settings and execute arbitrary commands in vulnerable system functions that is requires high privilege to access. | 8.8 |
2022-12-01 | CVE-2022-42718 | Incorrect Default Permissions vulnerability in NI Labview Command Line Interface Incorrect default permissions in the installation folder for NI LabVIEW Command Line Interface (CLI) may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |