Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-17	CVE-2021-42955	Incorrect Permission Assignment for Critical Resource vulnerability in Zohocorp Manageengine Remote Access Plus Zoho Remote Access Plus Server Windows Desktop binary fixed in version 10.1.2132 is affected by an unauthorized password reset vulnerability. local low complexity zohocorp CWE-732	7.8
2021-11-12	CVE-2020-4146	Incorrect Permission Assignment for Critical Resource vulnerability in IBM Security Siteprotector System 3.1.1.0 IBM Security SiteProtector System 3.1.1 could allow a remote attacker to obtain sensitive information, caused by missing 'HttpOnly' flag. network low complexity ibm CWE-732	5.3
2021-10-27	CVE-2021-20526	Incorrect Permission Assignment for Critical Resource vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. network low complexity ibm CWE-732	5.3
2021-10-27	CVE-2021-41589	Incorrect Permission Assignment for Critical Resource vulnerability in Gradle Build Cache Node and Enterprise In Gradle Enterprise before 2021.3 (and Enterprise Build Cache Node before 10.0), there is potential cache poisoning and remote code execution when running the build cache node with its default configuration. network low complexity gradle CWE-732 critical	9.8
2021-10-26	CVE-2021-37364	Incorrect Permission Assignment for Critical Resource vulnerability in Openclinic GA Project Openclinic GA 5.194.18 OpenClinic GA 5.194.18 is affected by Insecure Permissions. local low complexity openclinic-ga-project CWE-732	7.8
2021-10-26	CVE-2021-40343	Incorrect Permission Assignment for Critical Resource vulnerability in Nagios XI 5.8.5 An issue was discovered in Nagios XI 5.8.5. local low complexity nagios CWE-732	7.8
2021-10-21	CVE-2020-14263	Incorrect Permission Assignment for Critical Resource vulnerability in Hcltech Traveler Companion "HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the included MobileIron AppConnect SDK" low complexity hcltech CWE-732	3.9
2021-10-19	CVE-2021-26589	Incorrect Permission Assignment for Critical Resource vulnerability in HPE products A potential security vulnerability has been identified in HPE Superdome Flex Servers. network low complexity hpe CWE-732	6.1
2021-10-08	CVE-2021-41802	Incorrect Permission Assignment for Critical Resource vulnerability in Hashicorp Vault HashiCorp Vault and Vault Enterprise through 1.7.4 and 1.8.3 allowed a user with write permission to an entity alias ID sharing a mount accessor with another user to acquire this other user’s policies by merging their identities. network low complexity hashicorp CWE-732	5.4
2021-10-06	CVE-2021-34758	Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory segment, resulting in a denial of service (DoS) condition. local low complexity cisco CWE-732	3.3