Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2021-07-29 CVE-2020-5353 Incorrect Default Permissions vulnerability in Dell EMC Isilon Onefs and EMC Powerscale Onefs
The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory.
network
low complexity
dell CWE-276
8.8
8.8
2021-07-28 CVE-2020-26180 Incorrect Default Permissions vulnerability in Dell EMC Isilon Onefs and EMC Powerscale Onefs
Dell EMC Isilon OneFS supported versions 8.1 and later and Dell EMC PowerScale OneFS supported version 9.0.0 contain an access issue with the remotesupport user account.
network
low complexity
dell CWE-276
8.8
8.8
2021-07-19 CVE-2020-29503 Incorrect Default Permissions vulnerability in Dell EMC Powerstore
Dell EMC PowerStore versions prior to 1.0.3.0.5.xxx contain a file permission Vulnerability.
local
low complexity
dell CWE-276
4.4
4.4
2021-07-15 CVE-2020-25593 Incorrect Default Permissions vulnerability in Acronis True Image
Acronis True Image through 2021 on macOS allows local privilege escalation from admin to root due to insecure folder permissions.
local
low complexity
acronis CWE-276
6.7
6.7
2021-07-14 CVE-2021-0441 Incorrect Default Permissions vulnerability in Google Android 11.0
In onCreate of PermissionActivity.java, there is a possible permission bypass due to Confusing UI.
local
low complexity
google CWE-276
7.3
7.3
2021-07-14 CVE-2021-0486 Incorrect Default Permissions vulnerability in Google Android 10.0/11.0
In onPackageAddedInternal of PermissionManagerService.java, there is possible access to external storage due to a permissions bypass.
local
low complexity
google CWE-276
7.8
7.8
2021-07-13 CVE-2021-31217 Incorrect Default Permissions vulnerability in Solarwinds Dameware Mini Remote Control 12.0.1.200
In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM.
network
low complexity
solarwinds CWE-276
critical
 9.1
9.1
2021-07-09 CVE-2021-33214 Incorrect Default Permissions vulnerability in Hms-Networks Ecatcher
In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation.
local
low complexity
hms-networks CWE-276
6.1
6.1
2021-07-07 CVE-2021-26274 Incorrect Default Permissions vulnerability in Ninjarmm 5.0.909
The Agent in NinjaRMM 5.0.909 has Insecure Permissions.
local
low complexity
ninjarmm CWE-276
7.1
7.1
2021-06-30 CVE-2021-22346 Incorrect Default Permissions vulnerability in Huawei Emui and Magic UI
There is an Improper Permission Management Vulnerability in Huawei Smartphone.
network
low complexity
huawei CWE-276
5.3
5.3