Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-12 | CVE-2022-25172 | Incorrect Permission Assignment for Critical Resource vulnerability in Inhandnetworks Ir302 Firmware 3.5.4 An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4. | 6.1 |
| 2022-05-11 | CVE-2022-23743 | Incorrect Permission Assignment for Critical Resource vulnerability in Checkpoint Zonealarm Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. | 7.8 |
| 2022-05-11 | CVE-2021-44167 | Incorrect Permission Assignment for Critical Resource vulnerability in Fortinet Forticlient An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux version 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, 7.0.2 and below may allow an unauthenticated attacker to access sensitive information in log files and directories via symbolic links. | 7.5 |
| 2022-05-06 | CVE-2021-27764 | Incorrect Permission Assignment for Critical Resource vulnerability in Hcltech Bigfix Webui Cookie without HTTPONLY flag set. | 6.5 |
| 2022-05-05 | CVE-2022-26340 | Incorrect Permission Assignment for Critical Resource vulnerability in F5 products On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG-IQ Centralized Management all versions of 8.x and 7.x, an authenticated, high-privileged attacker with no bash access may be able to access Certificate and Key files using Secure Copy (SCP) protocol from a remote system. | 4.9 |
| 2022-05-05 | CVE-2022-29263 | Incorrect Permission Assignment for Critical Resource vulnerability in F5 products On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.5, the BIG-IP Edge Client Component Installer Service does not use best practice while saving temporary files. | 7.8 |
| 2022-04-27 | CVE-2022-22521 | Incorrect Permission Assignment for Critical Resource vulnerability in Miele Benchmark Programming Tool 1.0.49/1.1.49/1.2.71 In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated by attackers are unknowingly executed with users privileges. | 7.3 |
| 2022-04-27 | CVE-2022-24886 | Incorrect Permission Assignment for Critical Resource vulnerability in Nextcloud Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. | 3.8 |
| 2022-04-20 | CVE-2022-24872 | Incorrect Permission Assignment for Critical Resource vulnerability in Shopware Shopware is an open commerce platform based on Symfony Framework and Vue. | 8.1 |
| 2022-04-20 | CVE-2021-38483 | Incorrect Permission Assignment for Critical Resource vulnerability in Fanuc Roboguide 9.40083.00.05 The affected product is vulnerable to misconfigured binaries, allowing users on the target PC with SYSTEM level privileges access to overwrite the binary and modify files to gain privilege escalation. | 5.7 |