Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-13 | CVE-2019-18577 | Incorrect Permission Assignment for Critical Resource vulnerability in Dell Xtremio Management Server Dell EMC XtremIO XMS versions prior to 6.3.0 contain an incorrect permission assignment vulnerability. | 6.7 |
| 2020-03-10 | CVE-2019-13009 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 9.2 through 12.0.2. | 6.5 |
| 2020-03-10 | CVE-2019-12441 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 8.4 through 11.11. | 7.5 |
| 2020-03-09 | CVE-2020-1706 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift Container Platform It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up to, including 4.3, multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. | 7.0 |
| 2020-03-07 | CVE-2020-9470 | Incorrect Permission Assignment for Critical Resource vulnerability in Wftpserver Wing FTP Server An issue was discovered in Wing FTP Server 6.2.5 before February 2020. | 7.8 |
| 2020-03-07 | CVE-2020-8635 | Incorrect Permission Assignment for Critical Resource vulnerability in Wftpserver Wing FTP Server 6.2.3 Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on installation directories and configuration files. | 7.8 |
| 2020-03-05 | CVE-2020-4278 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM products IBM Platform LSF 9.1 and 10.1, IBM Spectrum LSF Suite 10.2, and IBM Spectrum Suite for HPA 10.2 could allow a local user to escalate their privileges due to weak file permissions when specific debug settings are enabled in a Linux or Unix enviornment. | 7.8 |
| 2020-02-17 | CVE-2020-8768 | Incorrect Permission Assignment for Critical Resource vulnerability in Phoenixcontact ILC 2050 Bi-L Firmware and ILC 2050 BI Firmware An issue was discovered on Phoenix Contact Emalytics Controller ILC 2050 BI before 1.2.3 and BI-L before 1.2.3 devices. | 9.4 |
| 2020-02-17 | CVE-2020-1704 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift Service Mesh 1.0/1.0.7 An insecure modification vulnerability in the /etc/passwd file was found in all versions of OpenShift ServiceMesh (maistra) before 1.0.8 in the openshift/istio-kialia-rhel7-operator-container. | 7.8 |
| 2020-02-17 | CVE-2020-9024 | Incorrect Permission Assignment for Critical Resource vulnerability in Iteris Vantage Velocity Firmware 2.3.1/2.4.2 Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have world-writable permissions for the /root/cleardata.pl (executed as root by crond) and /root/loadperl.sh (executed as root at boot time) scripts. | 9.8 |