Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-6033

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-20 Nov, 2007 | 02:00
Updated At-07 Aug, 2024 | 15:54
Rejected At-
Credits

Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Control), which allows remote authenticated attackers, and possibly anonymous users, to execute arbitrary programs.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:20 Nov, 2007 | 02:00
Updated At:07 Aug, 2024 | 15:54
Rejected At:
▼CVE Numbering Authority (CNA)

Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Control), which allows remote authenticated attackers, and possibly anonymous users, to execute arbitrary programs.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsThreadID=2&NewsID=201804
x_refsource_CONFIRM
http://www.kb.cert.org/vuls/id/138633
third-party-advisory
x_refsource_CERT-VN
http://osvdb.org/42398
vdb-entry
x_refsource_OSVDB
http://www.digitalbond.com/index.php/2007/11/19/wonderware-intouch-80-netdde-vulnerability-s4-preview/
x_refsource_MISC
http://secunia.com/advisories/27751
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/bid/26496
vdb-entry
x_refsource_BID
Hyperlink: http://pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsThreadID=2&NewsID=201804
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.kb.cert.org/vuls/id/138633
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://osvdb.org/42398
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.digitalbond.com/index.php/2007/11/19/wonderware-intouch-80-netdde-vulnerability-s4-preview/
Resource:
x_refsource_MISC
Hyperlink: http://secunia.com/advisories/27751
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/bid/26496
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsThreadID=2&NewsID=201804
x_refsource_CONFIRM
x_transferred
http://www.kb.cert.org/vuls/id/138633
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://osvdb.org/42398
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.digitalbond.com/index.php/2007/11/19/wonderware-intouch-80-netdde-vulnerability-s4-preview/
x_refsource_MISC
x_transferred
http://secunia.com/advisories/27751
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/bid/26496
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsThreadID=2&NewsID=201804
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/138633
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://osvdb.org/42398
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.digitalbond.com/index.php/2007/11/19/wonderware-intouch-80-netdde-vulnerability-s4-preview/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://secunia.com/advisories/27751
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/26496
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:20 Nov, 2007 | 02:46
Updated At:23 Apr, 2026 | 00:35

Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Control), which allows remote authenticated attackers, and possibly anonymous users, to execute arbitrary programs.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.09.0HIGH
AV:N/AC:L/Au:S/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 9.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
CPE Matches

wonderware
wonderware
>>intouch>>8.0
cpe:2.3:a:wonderware:intouch:8.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-732Primarynvd@nist.gov
CWE ID: CWE-732
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://osvdb.org/42398cve@mitre.org
Broken Link
http://pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsThreadID=2&NewsID=201804cve@mitre.org
Broken Link
http://secunia.com/advisories/27751cve@mitre.org
Broken Link
Vendor Advisory
http://www.digitalbond.com/index.php/2007/11/19/wonderware-intouch-80-netdde-vulnerability-s4-preview/cve@mitre.org
Not Applicable
http://www.kb.cert.org/vuls/id/138633cve@mitre.org
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/26496cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
http://osvdb.org/42398af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsThreadID=2&NewsID=201804af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/27751af854a3a-2127-422b-91ae-364da2661108
Broken Link
Vendor Advisory
http://www.digitalbond.com/index.php/2007/11/19/wonderware-intouch-80-netdde-vulnerability-s4-preview/af854a3a-2127-422b-91ae-364da2661108
Not Applicable
http://www.kb.cert.org/vuls/id/138633af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/26496af854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://osvdb.org/42398
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsThreadID=2&NewsID=201804
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/27751
Source: cve@mitre.org
Resource:
Broken Link
Vendor Advisory
Hyperlink: http://www.digitalbond.com/index.php/2007/11/19/wonderware-intouch-80-netdde-vulnerability-s4-preview/
Source: cve@mitre.org
Resource:
Not Applicable
Hyperlink: http://www.kb.cert.org/vuls/id/138633
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.securityfocus.com/bid/26496
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://osvdb.org/42398
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsThreadID=2&NewsID=201804
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/27751
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Vendor Advisory
Hyperlink: http://www.digitalbond.com/index.php/2007/11/19/wonderware-intouch-80-netdde-vulnerability-s4-preview/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Not Applicable
Hyperlink: http://www.kb.cert.org/vuls/id/138633
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.securityfocus.com/bid/26496
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

94Records found

CVE-2022-43773
Matching Score-4
Assigner-Hitachi Vantara
ShareView Details
Matching Score-4
Assigner-Hitachi Vantara
CVSS Score-8.8||HIGH
EPSS-22.18% / 97.38%
||
7 Day CHG~0.00%
Published-03 Apr, 2023 | 17:59
Updated-11 Feb, 2025 | 14:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Hitachi Vantara Pentaho Business Analytics Server - Incorrect Permission Assignment for Critical Resource

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x is installed with a sample HSQLDB data source configured with stored procedures enabled. 

Action-Not Available
Vendor-Hitachi Vantara LLCHitachi, Ltd.
Product-vantara_pentaho_business_analytics_serverPentaho Business Analytics Server
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2020-15838
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.22% / 65.00%
||
7 Day CHG~0.00%
Published-09 Oct, 2020 | 06:37
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Agent Update System in ConnectWise Automate before 2020.8 allows Privilege Escalation because the _LTUPDATE folder has weak permissions.

Action-Not Available
Vendor-connectwisen/a
Product-automaten/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-40298
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.59% / 43.77%
||
7 Day CHG+0.02%
Published-22 Sep, 2022 | 23:30
Updated-27 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found in the AirMedia Windows Application, version 4.3.1.39. A low privileged user can initiate a repair of the system and gain a SYSTEM level shell.

Action-Not Available
Vendor-n/aCrestron Electronics, Inc.
Product-airmedian/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-40756
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.66% / 46.98%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 18:15
Updated-20 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

If folder security is misconfigured for Actian Zen PSQL BEFORE Patch Update 1 for Zen 15 SP1 (v15.11.005), Patch Update 4 for Zen 15 (v15.01.017), or Patch Update 5 for Zen 14 SP2 (v14.21.022), it can allow an attacker (with file read/write access) to remove specific security files in order to reset the master password and gain access to the database.

Action-Not Available
Vendor-actiann/a
Product-psqlzenn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-37369
Matching Score-4
Assigner-Rockwell Automation
ShareView Details
Matching Score-4
Assigner-Rockwell Automation
CVSS Score-8.5||HIGH
EPSS-0.33% / 25.27%
||
7 Day CHG~0.00%
Published-14 Jun, 2024 | 16:50
Updated-31 Jan, 2025 | 15:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions

A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-factorytalk_viewFactoryTalk® View SEfactorytalk_view
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-37435
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-8.8||HIGH
EPSS-1.15% / 63.03%
||
7 Day CHG+0.04%
Published-01 Sep, 2022 | 14:00
Updated-03 Aug, 2024 | 10:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache ShenYu Admin Improper Privilege Management

Apache ShenYu Admin has insecure permissions, which may allow low-privilege administrators to modify high-privilege administrator's passwords. This issue affects Apache ShenYu 2.4.2 and 2.4.3.

Action-Not Available
Vendor-The Apache Software Foundation
Product-shenyuApache ShenYu
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2025-0066
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-9.9||CRITICAL
EPSS-0.55% / 42.13%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:09
Updated-23 Oct, 2025 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Information Disclosure vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Framework)

Under certain conditions SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Framework) allows an attacker to access restricted information due to weak access controls. This can have a significant impact on the confidentiality, integrity, and availability of an application

Action-Not Available
Vendor-SAP SE
Product-sap_basisSAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Framework)
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-7594
Matching Score-4
Assigner-HashiCorp Inc.
ShareView Details
Matching Score-4
Assigner-HashiCorp Inc.
CVSS Score-7.5||HIGH
EPSS-0.27% / 18.51%
||
7 Day CHG-0.00%
Published-26 Sep, 2024 | 19:52
Updated-13 Nov, 2025 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

Vault’s SSH secrets engine did not require the valid_principals list to contain a value by default. If the valid_principals and default_user fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to authenticate as any user on the host. Fixed in Vault Community Edition 1.17.6, and in Vault Enterprise 1.17.6, 1.16.10, and 1.15.15.

Action-Not Available
Vendor-openbaoHashiCorp, Inc.
Product-vaultopenbaoVaultVault Enterprisevault_enterprisevault_community_edition
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-7513
Matching Score-4
Assigner-Rockwell Automation
ShareView Details
Matching Score-4
Assigner-Rockwell Automation
CVSS Score-8.5||HIGH
EPSS-1.66% / 73.72%
||
7 Day CHG~0.00%
Published-14 Aug, 2024 | 19:48
Updated-15 Aug, 2025 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation FactoryTalk® View Site Edition Code Execution Vulnerability via File Permissions

CVE-2024-7513 IMPACT A code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing any user to edit or replace files, which are executed by account with elevated permissions.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-factorytalk_viewFactoryTalk View Site Editionfactorytalk_view
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-6435
Matching Score-4
Assigner-Rockwell Automation
ShareView Details
Matching Score-4
Assigner-Rockwell Automation
CVSS Score-8.7||HIGH
EPSS-0.49% / 38.48%
||
7 Day CHG~0.00%
Published-16 Jul, 2024 | 13:00
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation Privilege Escalation Vulnerability in Pavilion8®

A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with administrative level privileges. If exploited, an attacker could read sensitive data, and create users. For example, a malicious user with basic privileges could perform critical functions such as creating a user with elevated privileges and reading sensitive information in the “views” section.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-pavilion8Pavilion8®
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-55411
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.38% / 30.08%
||
7 Day CHG~0.00%
Published-07 Jan, 2025 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the snxpcamd.sys component of SUNIX Multi I/O Card v10.1.0.0 allows attackers to perform arbitrary read and write actions via supplying crafted IOCTL requests.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-28802
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.00% / 58.50%
||
7 Day CHG~0.00%
Published-21 Sep, 2022 | 19:46
Updated-27 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Code by Zapier before 2022-08-17 allowed intra-account privilege escalation that included execution of Python or JavaScript code. In other words, Code by Zapier was providing a customer-controlled general-purpose virtual machine that unintentionally granted full access to all users of a company's account, but was supposed to enforce role-based access control within that company's account. Before 2022-08-17, a customer could have resolved this by (in effect) using a separate virtual machine for an application that held credentials - or other secrets - that weren't supposed to be shared among all of its employees. (Multiple accounts would have been needed to operate these independent virtual machines.)

Action-Not Available
Vendor-zapiern/a
Product-code_by_zapiern/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-35167
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.94% / 56.67%
||
7 Day CHG~0.00%
Published-19 Aug, 2022 | 01:03
Updated-03 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Printix Cloud Print Management v1.3.1149.0 for Windows was discovered to contain insecure permissions.

Action-Not Available
Vendor-prinitixn/a
Product-cloud_print_managementn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-3683
Matching Score-4
Assigner-SUSE
ShareView Details
Matching Score-4
Assigner-SUSE
CVSS Score-8.8||HIGH
EPSS-0.94% / 56.42%
||
7 Day CHG~0.00%
Published-17 Jan, 2020 | 11:10
Updated-17 Sep, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
keystone_json_assignment backend granted access to any project for users in user-project-map.json

The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. This allowed these users to access, modify, create and delete arbitrary resources, contrary to expectations.

Action-Not Available
Vendor-SUSEHP Inc.
Product-helion_openstackkeystone-json-assignmentopenstack_cloudSUSE Openstack Cloud 8
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-45041
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.3||HIGH
EPSS-0.59% / 43.96%
||
7 Day CHG~0.00%
Published-09 Sep, 2024 | 14:54
Updated-18 Sep, 2024 | 17:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
External Secrets Operator vulnerable to privilege escalation

External Secrets Operator is a Kubernetes operator that integrates external secret management systems. The external-secrets has a deployment called default-external-secrets-cert-controller, which is bound with a same-name ClusterRole. This ClusterRole has "get/list" verbs of secrets resources. It also has path/update verb of validatingwebhookconfigurations resources. This can be used to abuse the SA token of the deployment to retrieve or get ALL secrets in the whole cluster, capture and log all data from requests attempting to update Secrets, or make a webhook deny all Pod create and update requests. This vulnerability is fixed in 0.10.2.

Action-Not Available
Vendor-external-secretsexternal-secretsexternal-secrets
Product-external_secrets_operatorexternal-secretsexternal-secrets
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-30929
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.75% / 75.17%
||
7 Day CHG+0.29%
Published-06 Jul, 2022 | 14:21
Updated-03 Aug, 2024 | 07:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper.

Action-Not Available
Vendor-mini_tmall_projectn/a
Product-mini_tmalln/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-43199
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.10% / 61.59%
||
7 Day CHG~0.00%
Published-07 Aug, 2024 | 00:00
Updated-13 Sep, 2024 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain executable files are owned by the nagios user.

Action-Not Available
Vendor-n/aNagios Enterprises, LLC
Product-ndoutilsn/andoutils
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2022-22941
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-8.8||HIGH
EPSS-1.31% / 67.25%
||
7 Day CHG~0.00%
Published-29 Mar, 2022 | 00:00
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisher_acl, if a user configured in the publisher_acl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid, allowing configured users to target any of the minions connected to the syndic with their configured commands. This requires a syndic master combined with publisher_acl configured on the Master-of-Masters, allowing users specified in the publisher_acl to bypass permissions, publishing authorized commands to any configured minion.

Action-Not Available
Vendor-saltstackn/a
Product-saltSaltStack Salt
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-36821
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.90% / 85.25%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 00:00
Updated-16 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root.

Action-Not Available
Vendor-n/aLinksys Holdings, Inc.
Product-velop_whw0101velop_whw0101_firmwaren/awhw01v1_firmware
CWE ID-CWE-379
Creation of Temporary File in Directory with Insecure Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-3668
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.43% / 34.64%
||
7 Day CHG~0.00%
Published-08 Jun, 2024 | 04:32
Updated-08 Apr, 2026 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PowerPack Pro for Elementor <= 2.10.17 - Authenticated (Contributor+) Privilege Escalation

The PowerPack Pro for Elementor plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.10.17. This is due to the plugin not restricting low privileged users from setting a default role for a registration form. This makes it possible for authenticated attackers, with contributor-level access and above, to create a registration form with administrator set as the default role and then register as an administrator.

Action-Not Available
Vendor-ideaboxPowerPack
Product-powerpack_addons_for_elementorPowerPack Pro for Elementor
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-7311
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.25% / 80.74%
||
7 Day CHG-0.04%
Published-21 Feb, 2018 | 22:00
Updated-05 Aug, 2024 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability. The software installs a privileged helper tool that runs as the root user. This privileged helper tool is installed as a LaunchDaemon and implements an XPC service. The XPC service is responsible for handling new VPN connection operations via the main PrivateVPN application. The privileged helper tool creates new VPN connections by executing the openvpn binary located in the /Applications/PrivateVPN.app/Contents/Resources directory. The openvpn binary can be overwritten by the default user, which allows an attacker that has already installed malicious software as the default user to replace the binary. When a new VPN connection is established, the privileged helper tool will launch this malicious binary, thus allowing an attacker to execute code as the root user. NOTE: the vendor has reportedly indicated that this behavior is "an acceptable part of their software.

Action-Not Available
Vendor-privatevpnn/aprivatevpn
Product-privatevpnn/aprivatevpn
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-11328
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.13% / 79.68%
||
7 Day CHG~0.00%
Published-14 May, 2019 | 20:24
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host.

Action-Not Available
Vendor-sylabsn/aopenSUSEFedora Project
Product-fedorasingularitybackportsleapn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2025-45471
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.34% / 26.31%
||
7 Day CHG~0.00%
Published-22 May, 2025 | 00:00
Updated-14 Oct, 2025 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure permissions in measure-cold-start v1.4.1 allows attackers to escalate privileges and compromise the customer cloud account.

Action-Not Available
Vendor-lumigon/a
Product-measure-cold-startn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2025-45468
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.30% / 21.96%
||
7 Day CHG~0.00%
Published-22 May, 2025 | 00:00
Updated-21 Oct, 2025 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure permissions in fc-stable-diffusion-plus v1.0.18 allows attackers to escalate privileges and compromise the customer cloud account.

Action-Not Available
Vendor-devsappn/a
Product-fc-stable-diffusionn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-21915
Matching Score-4
Assigner-Rockwell Automation
ShareView Details
Matching Score-4
Assigner-Rockwell Automation
CVSS Score-9||CRITICAL
EPSS-0.99% / 58.23%
||
7 Day CHG~0.00%
Published-16 Feb, 2024 | 18:20
Updated-11 Dec, 2024 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation FactoryTalk® Service Platform Elevated Privileges Vulnerability Through Web Service Functionality

A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read and modify sensitive data, delete data and render the FTSP system unavailable.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-factorytalk_services_platformFactoryTalk® Service Platformfactorytalk_services_platform
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-11497
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-0.37% / 28.98%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 13:55
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Phoenix Contact: CHARX-SEC3xxx Charge controllers vulnerable to privilege escalation

An authenticated attacker can use this vulnerability to perform a privilege escalation to gain root access.

Action-Not Available
Vendor-Phoenix Contact GmbH & Co. KG
Product-CHARX SEC-3100CHARX SEC-3150CHARX SEC-3000CHARX SEC-3050
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-49257
Matching Score-4
Assigner-CERT.PL
ShareView Details
Matching Score-4
Assigner-CERT.PL
CVSS Score-8.8||HIGH
EPSS-0.32% / 23.77%
||
7 Day CHG~0.00%
Published-12 Jan, 2024 | 14:24
Updated-11 Jun, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command execution using the certificate upload utility

An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate upload utility and execute it with the root user privileges.

Action-Not Available
Vendor-hongdianHongdian
Product-h8951-4g-esp_firmwareh8951-4g-espH8951-4G-ESP
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-46449
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.76% / 50.62%
||
7 Day CHG~0.00%
Published-26 Oct, 2023 | 00:00
Updated-12 Sep, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect Access Control. An arbitrary user can change the password of another user and takeover the account via IDOR in the password change function.

Action-Not Available
Vendor-n/amayuri_k
Product-inventory_management_systemn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-4665
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-8.8||HIGH
EPSS-1.05% / 60.11%
||
7 Day CHG~0.00%
Published-15 Sep, 2023 | 08:39
Updated-21 May, 2026 | 13:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilage Escalation in Saphira Connect

Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation. This issue affects Saphira Connect: before 9.

Action-Not Available
Vendor-SaphiraAdobe Inc.
Product-connectSaphira Connect
CWE ID-CWE-279
Incorrect Execution-Assigned Permissions
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-32986
Matching Score-4
Assigner-Jenkins Project
ShareView Details
Matching Score-4
Assigner-Jenkins Project
CVSS Score-8.8||HIGH
EPSS-63.14% / 99.10%
||
7 Day CHG~0.00%
Published-16 May, 2023 | 16:00
Updated-23 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jenkins File Parameter Plugin 285.v757c5b_67a_c25 and earlier does not restrict the name (and resulting uploaded file name) of Stashed File Parameters, allowing attackers with Item/Configure permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.

Action-Not Available
Vendor-Jenkins
Product-file_parametersJenkins File Parameter Plugin
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-32992
Matching Score-4
Assigner-Jenkins Project
ShareView Details
Matching Score-4
Assigner-Jenkins Project
CVSS Score-8.8||HIGH
EPSS-0.83% / 53.14%
||
7 Day CHG~0.00%
Published-16 May, 2023 | 16:00
Updated-23 Jan, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Missing permission checks in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML.

Action-Not Available
Vendor-Jenkins
Product-saml_single_sign_onJenkins SAML Single Sign On(SSO) Plugin
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-32724
Matching Score-4
Assigner-Zabbix
ShareView Details
Matching Score-4
Assigner-Zabbix
CVSS Score-9.1||CRITICAL
EPSS-0.59% / 44.00%
||
7 Day CHG~0.00%
Published-12 Oct, 2023 | 06:14
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
JavaScript engine memory pointers are directly available for Zabbix users for modification

Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation.

Action-Not Available
Vendor-ZABBIX
Product-zabbixZabbix
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-31874
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-4.90% / 91.03%
||
7 Day CHG~0.00%
Published-28 May, 2023 | 00:00
Updated-14 Jan, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process').

Action-Not Available
Vendor-yank-noten/a
Product-yank_noten/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-28522
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.51% / 39.92%
||
7 Day CHG~0.00%
Published-12 May, 2023 | 01:22
Updated-24 Jan, 2025 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM API Connect improper access control

IBM API Connect V10 could allow an authenticated user to perform actions that they should not have access to. IBM X-Force ID: 250585.

Action-Not Available
Vendor-IBM Corporation
Product-api_connectAPI Connect
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-42309
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-2.66% / 83.86%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 14:14
Updated-04 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sharepoint_serversharepoint_foundationsharepoint_enterprise_serverMicrosoft SharePoint Server 2019Microsoft SharePoint Enterprise Server 2016Microsoft SharePoint Foundation 2013 Service Pack 1Microsoft SharePoint Server Subscription Edition
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2021-38557
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.22% / 80.55%
||
7 Day CHG~0.00%
Published-24 Aug, 2021 | 12:33
Updated-04 Aug, 2024 | 01:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh with any executable content.

Action-Not Available
Vendor-raspapn/a
Product-raspapn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-38289
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.18% / 63.79%
||
7 Day CHG~0.00%
Published-12 Jul, 2022 | 12:33
Updated-07 Apr, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts. NOTE: As of April 2026, the vendor has officially decommissioned the affected legacy endpoints and associated services. The vulnerability is mitigated as the functional logic is no longer operational and the URLs have been removed from production.

Action-Not Available
Vendor-novastarn/a
Product-novaicaren/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-11192
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.71% / 84.16%
||
7 Day CHG~0.00%
Published-01 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 4 of 6).

Action-Not Available
Vendor-n/aQuest Software, Inc.
Product-disk_backupn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-11194
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.71% / 84.16%
||
7 Day CHG~0.00%
Published-01 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 6 of 6).

Action-Not Available
Vendor-n/aQuest Software, Inc.
Product-disk_backupn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-11191
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.71% / 84.16%
||
7 Day CHG~0.00%
Published-01 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 3 of 6).

Action-Not Available
Vendor-n/aQuest Software, Inc.
Product-disk_backupn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-11193
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.71% / 84.16%
||
7 Day CHG~0.00%
Published-01 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 5 of 6).

Action-Not Available
Vendor-n/aQuest Software, Inc.
Product-disk_backupn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-10843
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.5||HIGH
EPSS-1.36% / 68.39%
||
7 Day CHG+0.01%
Published-02 Jul, 2018 | 17:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user.

Action-Not Available
Vendor-[UNKNOWN]Red Hat, Inc.
Product-openshift_container_platformsource-to-image
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-11116
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.44% / 82.29%
||
7 Day CHG~0.00%
Published-19 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenWrt mishandles access control in /etc/config/rpcd and the /usr/share/rpcd/acl.d files, which allows remote authenticated users to call arbitrary methods (i.e., achieve ubus access over HTTP) that were only supposed to be accessible to a specific user, as demonstrated by the file, log, and service namespaces, potentially leading to remote Information Disclosure or Code Execution. NOTE: The developer disputes this as a vulnerability, indicating that rpcd functions appropriately

Action-Not Available
Vendor-n/aOpenWrt
Product-openwrtn/aopenwrt
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2017-9462
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-21.51% / 97.31%
||
7 Day CHG~0.00%
Published-06 Jun, 2017 | 21:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.

Action-Not Available
Vendor-mercurialn/aDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxenterprise_linux_servermercurialenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_server_ausn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-38475
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.3||HIGH
EPSS-0.86% / 54.08%
||
7 Day CHG~0.00%
Published-22 Oct, 2021 | 11:22
Updated-16 Sep, 2024 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AUVESY Versiondog

The database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permissions.

Action-Not Available
Vendor-auvesyAUVESY
Product-versiondogVersiondog
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2017-3006
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-10.82% / 95.31%
||
7 Day CHG~0.00%
Published-12 Apr, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications.

Action-Not Available
Vendor-n/aMicrosoft CorporationAdobe Inc.
Product-creative_cloudwindowsAdobe Thor 3.9.5.353 and earlier.
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2017-2290
Matching Score-4
Assigner-Perforce
ShareView Details
Matching Score-4
Assigner-Perforce
CVSS Score-8.8||HIGH
EPSS-1.23% / 65.18%
||
7 Day CHG~0.00%
Published-03 Mar, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco puppet" run. Puppet Enterprise users are not affected. This is resolved in mcollective-puppet-agent 1.12.1.

Action-Not Available
Vendor-Microsoft CorporationPerforce Software, Inc. ("Puppet")
Product-windowsmcollective-puppet-agentmcollective-puppet-agent plugin
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-36281
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.69% / 48.16%
||
7 Day CHG~0.00%
Published-16 Aug, 2021 | 22:00
Updated-17 Sep, 2024 | 00:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment vulnerability. A low privileged authenticated user can potentially exploit this vulnerability to escalate privileges.

Action-Not Available
Vendor-Dell Inc.
Product-emc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2017-17677
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.33% / 67.70%
||
7 Day CHG~0.00%
Published-19 May, 2021 | 13:11
Updated-05 Aug, 2024 | 20:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code.

Action-Not Available
Vendor-bmcn/a
Product-remedy_mid-tiern/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2017-17867
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-11.07% / 95.38%
||
7 Day CHG~0.00%
Published-04 Jan, 2018 | 19:00
Updated-05 Aug, 2024 | 21:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS commands by modifying the leasetrigger field in the odhcpd configuration to specify an arbitrary program, as demonstrated by a program located on an SMB share. This issue existed because the /etc/uci-defaults directory was not being used to secure the OpenWrt configuration.

Action-Not Available
Vendor-intenogroupn/a
Product-iopsysn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
  • Previous
  • 1
  • 2
  • Next
Details not found