Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-06 | CVE-2020-3312 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Firepower Management Center A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data on an affected device. | 7.5 |
| 2020-05-04 | CVE-2020-11443 | Incorrect Permission Assignment for Critical Resource vulnerability in Zoom IT Installer The Zoom IT installer for Windows (ZoomInstallerFull.msi) prior to version 4.6.10 deletes files located in %APPDATA%\Zoom before installing an updated version of the client. | 8.1 |
| 2020-04-30 | CVE-2019-19218 | Incorrect Permission Assignment for Critical Resource vulnerability in Bmcsoftware Control-M/Agent 7.0.00.000 BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage. | 7.5 |
| 2020-04-29 | CVE-2020-12459 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable. | 5.5 |
| 2020-04-29 | CVE-2020-12458 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An information-disclosure flaw was found in Grafana through 6.7.3. | 5.5 |
| 2020-04-29 | CVE-2020-8473 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB 800Xa Base System Insufficient folder permissions used by system functions in ABB System 800xA Base (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. | 7.8 |
| 2020-04-29 | CVE-2020-8472 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB products Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. | 7.8 |
| 2020-04-27 | CVE-2020-12120 | Incorrect Permission Assignment for Critical Resource vulnerability in Prestashop Correos Express 1.6/1.6.0.4/1.7 The Correos Express addon for PrestaShop 1.6 through 1.7 allows remote attackers to obtain sensitive information, such as a service's owner password that can be used to modify orders via SOAP. | 7.5 |
| 2020-04-23 | CVE-2020-4311 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Tivoli Monitoring 6.3.0 IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. | 7.0 |
| 2020-04-16 | CVE-2019-20693 | Incorrect Permission Assignment for Critical Resource vulnerability in Netgear Wac505 Firmware and Wac510 Firmware Certain NETGEAR devices are affected by incorrect configuration of security settings. | 5.4 |