Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2022-06-24 CVE-2021-41637 Incorrect Default Permissions vulnerability in Melag FTP Server 2.2.0.4
Weak access control permissions in MELAG FTP Server 2.2.0.4 allow the "Everyone" group to read the local FTP configuration file, which includes among other information the unencrypted passwords of all FTP users.
local
low complexity
melag CWE-276
7.1
2022-06-21 CVE-2022-1833 Incorrect Default Permissions vulnerability in Redhat AMQ Broker 7.9.4
A flaw was found in AMQ Broker Operator 7.9.4 installed via UI using OperatorHub where a low-privilege user that has access to the namespace where the AMQ Operator is deployed has access to clusterwide edit rights by checking the secrets.
network
low complexity
redhat CWE-276
8.8
2022-06-17 CVE-2022-33912 Incorrect Default Permissions vulnerability in multiple products
A permission issue affects users that deployed the shipped version of the Checkmk Debian package.
local
low complexity
tribe29 checkmk CWE-276
7.8
2022-06-13 CVE-2022-32562 Incorrect Default Permissions vulnerability in Couchbase Server
An issue was discovered in Couchbase Server before 7.0.4.
network
low complexity
couchbase CWE-276
8.8
2022-06-13 CVE-2021-46811 Incorrect Default Permissions vulnerability in Huawei Emui, Harmonyos and Magic UI
HwSEServiceAPP has a vulnerability in permission management.
network
low complexity
huawei CWE-276
5.3
2022-06-09 CVE-2022-25804 Incorrect Default Permissions vulnerability in Igel Universal Management Suite 6.07.100
An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100.
local
low complexity
igel CWE-276
5.5
2022-06-07 CVE-2022-30747 Incorrect Default Permissions vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12
PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to access files without permission via implicit Intent.
local
low complexity
samsung CWE-276
5.5
2022-06-02 CVE-2022-28702 Incorrect Default Permissions vulnerability in ABB E-Design
Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine.
local
low complexity
abb CWE-276
5.5
2022-06-02 CVE-2022-29483 Incorrect Default Permissions vulnerability in ABB E-Design
Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine.
local
low complexity
abb CWE-276
7.8
2022-06-02 CVE-2022-31500 Incorrect Default Permissions vulnerability in Knime Analytics Platform
In KNIME Analytics Platform below 4.6.0, the Windows installer sets improper filesystem permissions.
local
low complexity
knime CWE-276
7.8