Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-05	CVE-2021-29247	Incorrect Permission Assignment for Critical Resource vulnerability in Btcpayserver Btcpay Server BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the HTTPOnly flag for a cookie. network low complexity btcpayserver CWE-732	5.3
2021-04-30	CVE-2021-20326	Incorrect Permission Assignment for Critical Resource vulnerability in Mongodb A user authorized to performing a specific type of find query may trigger a denial of service. network low complexity mongodb CWE-732	6.5
2021-04-27	CVE-2021-28269	Incorrect Permission Assignment for Critical Resource vulnerability in Soyal 701Client 9.0.1 Soyal Technology 701Client 9.0.1 is vulnerable to Insecure permissions via client.exe binary with Authenticated Users group with Full permissions. network low complexity soyal CWE-732	8.8
2021-04-26	CVE-2021-22669	Incorrect Permission Assignment for Critical Resource vulnerability in Advantech Webaccess/Scada Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate privileges on the system. network low complexity advantech CWE-732	8.8
2021-04-23	CVE-2021-31540	Incorrect Permission Assignment for Critical Resource vulnerability in Wowza Streaming Engine Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/ directory. local low complexity wowza CWE-732	7.1
2021-04-21	CVE-2020-27568	Incorrect Permission Assignment for Critical Resource vulnerability in Aviatrix Controller 5.3.1516 Insecure File Permissions exist in Aviatrix Controller 5.3.1516. network low complexity aviatrix CWE-732	7.5
2021-04-14	CVE-2021-28098	Incorrect Permission Assignment for Critical Resource vulnerability in Forescout Counteract 8.0 An issue was discovered in Forescout CounterACT before 8.1.4. local low complexity forescout CWE-732	7.8
2021-04-13	CVE-2021-22716	Incorrect Permission Assignment for Critical Resource vulnerability in Schneider-Electric C-Bus Toolkit 1.15.7 A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. local low complexity schneider-electric CWE-732	7.8
2021-04-13	CVE-2021-28646	Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Apex ONE and Officescan An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations. local low complexity trendmicro CWE-732	5.5
2021-04-13	CVE-2021-28645	Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Apex ONE and Officescan An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. local low complexity trendmicro CWE-732	7.8