Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-06 | CVE-2022-26237 | Incorrect Permission Assignment for Critical Resource vulnerability in Beckmancoulter Remisol Advance 2.0.12.1 The default privileges for the running service Normand Viewer Service in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. | 5.5 |
| 2022-10-06 | CVE-2022-26239 | Incorrect Permission Assignment for Critical Resource vulnerability in Beckmancoulter Remisol Advance 2.0.12.1 The default privileges for the running service Normand License Manager in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows unprivileged users to overwrite and manipulate executables and libraries. | 5.5 |
| 2022-10-06 | CVE-2022-26240 | Incorrect Permission Assignment for Critical Resource vulnerability in Beckmancoulter Remisol Advance 2.0.12.1 The default privileges for the running service Normand Message Buffer in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. | 6.5 |
| 2022-10-06 | CVE-2022-2975 | Incorrect Permission Assignment for Critical Resource vulnerability in Avaya Aura Application Enablement Services A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement Services web application, allowing an administrative user to modify accounts leading to execution of arbitrary code as the root user. | 6.7 |
| 2022-09-30 | CVE-2022-23726 | Incorrect Permission Assignment for Critical Resource vulnerability in Pingidentity Pingcentral PingCentral versions prior to listed versions expose Spring Boot actuator endpoints that with administrative authentication return large amounts of sensitive environmental and application information. | 4.9 |
| 2022-09-29 | CVE-2020-15328 | Incorrect Permission Assignment for Critical Resource vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/var/blobstorage/ permissions. | 5.3 |
| 2022-09-29 | CVE-2020-15329 | Incorrect Permission Assignment for Critical Resource vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak Data.fs permissions. | 5.3 |
| 2022-09-27 | CVE-2022-40817 | Incorrect Permission Assignment for Critical Resource vulnerability in Zammad 5.2.0/5.2.1 Zammad 5.2.1 has a fine-grained permission model that allows to configure read-only access to tickets. | 4.3 |
| 2022-09-23 | CVE-2022-35250 | Incorrect Permission Assignment for Critical Resource vulnerability in Rocket.Chat A privilege escalation vulnerability exists in Rocket.chat <v5 which made it possible to elevate privileges for any authenticated user to view Direct messages without appropriate permissions. | 4.3 |
| 2022-09-23 | CVE-2022-40298 | Incorrect Permission Assignment for Critical Resource vulnerability in Crestron Airmedia 4.3.1.39 Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found in the AirMedia Windows Application, version 4.3.1.39. | 8.8 |