In cPanel before 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584).
cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308).
cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494).
cPanel before 58.0.4 initially uses weak permissions for Apache HTTP Server log files (SEC-130).
cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories (SEC-443).
cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353).
cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355).
cPanel before 68.0.27 allows a user to discover contents of directories (that are not owned by that user) by leveraging backups (SEC-339).
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon the enabling of backups (SEC-342).
cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation (SEC-408).
cPanel before 74.0.0 allows arbitrary file-read operations during File Restoration (SEC-436).
cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail (SEC-310).
cPanel before 66.0.2 allows demo accounts to create databases and users (SEC-271).
cPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330).
In cPanel before 66.0.2, weak log-file permissions can occur after account modification (SEC-289).
In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable when rebuilt (SEC-274).
cPanel before 68.0.15 allows arbitrary file-read operations because of the backup .htaccess modification logic (SEC-345).
In cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525).
cPanel before 68.0.15 allows arbitrary file-read operations via Exim vdomainaliases (SEC-329).
In cPanel before 66.0.2, EasyApache 4 conversion sets weak domlog ownership and permissions (SEC-272).
In cPanel before 66.0.2, domain log files become readable after log processing (SEC-273).
cPanel before 78.0.2 allows arbitrary file-read operations via Passenger adminbin (SEC-466).
cPanel before 82.0.2 allows local users to discover the MySQL root password (SEC-510).
cPanel before 78.0.18 allows certain file-read operations in the context of the root account via the Exim virtual_user_spam router (SEC-484).
cPanel before 80.0.5 allows unsafe file operations in the context of the root account via the fetch_ssl_certificates_for_fqdns API (SEC-489).
cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366).
The WebDAV transport feature in cPanel before 76.0.8 enables debug logging (SEC-467).
cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382).
In cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination (SEC-291).
cPanel before 68.0.15 allows unprivileged users to access restricted directories during account restores (SEC-311).
In cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password (SEC-234).
cPanel before 71.9980.37 allows attackers to make API calls that bypass the backup feature restriction (SEC-429).
cPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction (SEC-430).
cPanel before 71.9980.37 allows attackers to make API calls that bypass the cron feature restriction (SEC-427).
cPanel before 70.0.23 allows arbitrary file-chmod operations during legacy incremental backups (SEC-338).
cPanel before 71.9980.37 does not enforce the Mime::list_hotlinks API feature restriction (SEC-432).
cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-558).
The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. This may allow another user on the Junos OS device with shell access to read them. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2.
Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable disclosure of information via local access.
Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access.
In SonicWall SonicOS, administrators without full permissions can download imported certificates. Occurs when administrators who are not in the SonicWall Administrators user group attempt to download imported certificates. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).
A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use this flaw to access unauthorized system information.
On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges at start up.
Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone.
A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue affected versions prior to macOS High Sierra 10.13.4.
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster.
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging console.
Ingenico Telium 2 POS Telium2 OS allow bypass of file-reading restrictions via the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
A permissions issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.0.1. A local attacker may be able to read sensitive information.
dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.