Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE	CVE	VULNERABILITY TITLE	RISK
2025-02-11	CVE-2024-13813	Incorrect Permission Assignment for Critical Resource vulnerability in Ivanti Secure Access Client Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files. local low complexity ivanti CWE-732	7.1
2025-02-11	CVE-2025-23403	A vulnerability has been identified in SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions). local high complexity CWE-732	7.0
2025-02-04	CVE-2024-45657	IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment. local high complexity CWE-732	5.0
2025-01-19	CVE-2024-38337	IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow an unauthorized attacker to retrieve or alter sensitive information contents due to incorrect permission assignments. network low complexity CWE-732 critical	9.1
2025-01-14	CVE-2024-11497	An authenticated attacker can use this vulnerability to perform a privilege escalation to gain root access. network low complexity CWE-732	8.8
2025-01-06	CVE-2024-47475	Incorrect Permission Assignment for Critical Resource vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. local low complexity dell CWE-732	5.5
2024-12-31	CVE-2024-45497	A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. network low complexity CWE-732	7.6
2024-12-18	CVE-2024-47104	IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical file. network high complexity CWE-732	6.8
2024-12-06	CVE-2024-11220	Incorrect Permission Assignment for Critical Resource vulnerability in Openautomationsoftware Open Automation Software A local low-level user on the server machine with credentials to the running OAS services can create and execute a report with an rdlx file on the server system itself. local low complexity openautomationsoftware CWE-732	7.8
2024-11-13	CVE-2024-36276	Incorrect Permission Assignment for Critical Resource vulnerability in Intel Computing Improvement Program Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of privilege via local access. local low complexity intel CWE-732	7.8