Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-12 | CVE-2019-4652 | Incorrect Default Permissions vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.4 uses insecure file permissions on restored files and directories in Windows which could allow a local user to obtain sensitive information or perform unauthorized actions. | 7.1 |
| 2019-11-07 | CVE-2013-1425 | Incorrect Default Permissions vulnerability in multiple products ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions. | 5.5 |
| 2019-11-05 | CVE-2019-1982 | Incorrect Default Permissions vulnerability in Cisco products A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. | 5.3 |
| 2019-11-01 | CVE-2019-12752 | Incorrect Default Permissions vulnerability in Symantec Sonar The Symantec SONAR component, prior to 12.0.2, may be susceptible to a tamper protection bypass vulnerability which could potentially allow an attacker to circumvent the existing tamper protection in use on the resident system. | 6.1 |
| 2019-10-31 | CVE-2019-18369 | Incorrect Default Permissions vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2019.2.55152, removing tags from the issues list without the corresponding permission was possible. | 5.3 |
| 2019-10-31 | CVE-2019-18367 | Incorrect Default Permissions vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user without the corresponding permissions. | 5.3 |
| 2019-10-31 | CVE-2019-18366 | Incorrect Default Permissions vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.2, secure values could be exposed to users with the "View build runtime parameters and data" permission. | 5.3 |
| 2019-10-28 | CVE-2012-5577 | Incorrect Default Permissions vulnerability in multiple products Python keyring lib before 0.10 created keyring files with world-readable permissions. | 7.5 |
| 2019-10-28 | CVE-2019-14925 | Incorrect Default Permissions vulnerability in multiple products An issue was discovered on Mitsubishi Electric Europe B.V. | 6.5 |
| 2019-10-23 | CVE-2019-10474 | Incorrect Default Permissions vulnerability in Jenkins Global Post Script A missing permission check in Jenkins Global Post Script Plugin in allowed users with Overall/Read access to list the scripts available to the plugin stored on the Jenkins master file system. | 4.3 |