Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-24	CVE-2020-28909	Incorrect Permission Assignment for Critical Resource vulnerability in Nagios Fusion Incorrect File Permissions in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root via modification of scripts. network low complexity nagios CWE-732	8.8
2021-05-24	CVE-2020-28910	Incorrect Permission Assignment for Critical Resource vulnerability in Nagios XI Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows for Privilege Escalation via creation of symlinks, which are mishandled in getprofile.sh. network low complexity nagios CWE-732 critical	9.8
2021-05-21	CVE-2021-33509	Incorrect Permission Assignment for Critical Resource vulnerability in Plone Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script. network low complexity plone CWE-732 critical	9.9
2021-05-19	CVE-2017-17677	Incorrect Permission Assignment for Critical Resource vulnerability in BMC Remedy Mid-Tier 9.1 BMC Remedy 9.1SP3 is affected by authenticated code execution. network low complexity bmc CWE-732	8.8
2021-05-18	CVE-2021-22117	Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Rabbitmq RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins. local low complexity vmware CWE-732	7.8
2021-05-13	CVE-2021-20996	Incorrect Permission Assignment for Critical Resource vulnerability in Wago products In multiple managed switches by WAGO in different versions special crafted requests can lead to cookies being transferred to third parties. network low complexity wago CWE-732	5.3
2021-05-11	CVE-2021-31902	Incorrect Permission Assignment for Critical Resource vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.6.6600, access control during the exporting of issues was implemented improperly. network low complexity jetbrains CWE-732	7.5
2021-05-11	CVE-2021-31907	Incorrect Permission Assignment for Critical Resource vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were implemented improperly. network low complexity jetbrains CWE-732	5.3
2021-05-10	CVE-2021-32056	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Cyrus IMAP before 3.2.7, and 3.3.x and 3.4.x before 3.4.1, allows remote authenticated users to bypass intended access restrictions on server annotations and consequently cause replication to stall. network low complexity cyrus fedoraproject CWE-732	4.3
2021-05-07	CVE-2021-32101	Incorrect Permission Assignment for Critical Resource vulnerability in Open-Emr Openemr 5.0.2.1 The Patient Portal of OpenEMR 5.0.2.1 is affected by a incorrect access control system in portal/patient/_machine_config.php. network low complexity open-emr CWE-732	8.2