Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-29 | CVE-2022-44719 | Incorrect Permission Assignment for Critical Resource vulnerability in Ucopia Wireless Appliance Firmware An issue was discovered in Weblib Ucopia before 6.0.13. | 7.5 |
| 2023-06-29 | CVE-2023-37237 | Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup Appliance In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH. | 7.2 |
| 2023-06-27 | CVE-2023-35799 | Incorrect Permission Assignment for Critical Resource vulnerability in Stormshield Endpoint Security Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. | 5.5 |
| 2023-06-27 | CVE-2023-35800 | Incorrect Permission Assignment for Critical Resource vulnerability in Stormshield Endpoint Security Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. | 4.3 |
| 2023-06-23 | CVE-2023-29860 | Incorrect Permission Assignment for Critical Resource vulnerability in Dtstack Taier 1.3.0 An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows attackers to view sensitive information via the getCookie method. | 7.5 |
| 2023-06-20 | CVE-2023-26427 | Incorrect Permission Assignment for Critical Resource vulnerability in Open-Xchange Appsuite Backend Default permissions for a properties file were too permissive. | 3.3 |
| 2023-06-16 | CVE-2023-34154 | Incorrect Permission Assignment for Critical Resource vulnerability in Huawei Harmonyos Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of this vulnerability will cause third-party apps to create windows in an arbitrary way, consuming system resources. | 8.2 |
| 2023-06-15 | CVE-2023-34797 | Incorrect Permission Assignment for Critical Resource vulnerability in Temenos CWX 8.5.6 Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows attackers to access sensitive information. | 5.4 |
| 2023-06-15 | CVE-2022-33163 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Security Directory Suite VA 8.0.1 IBM Security Directory Suite VA 8.0.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. | 8.1 |
| 2023-06-14 | CVE-2023-35147 | Incorrect Permission Assignment for Critical Resource vulnerability in Jenkins AWS Codecommit Trigger 3.0.12 Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not restrict the AWS SQS queue name path parameter in an HTTP endpoint, allowing attackers with Item/Read permission to obtain the contents of arbitrary files on the Jenkins controller file system. | 6.5 |