Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-43496

Summary
Assigner-jenkins
Assigner Org ID-39769cd5-e6e2-4dc8-927e-97b3aa056f5b
Published At-20 Sep, 2023 | 16:06
Updated At-02 May, 2025 | 15:32
Rejected At-
Credits

Jenkins 2.423 and earlier, LTS 2.414.1 and earlier creates a temporary file in the system temporary directory with the default permissions for newly created files when installing a plugin from a URL, potentially allowing attackers with access to the system temporary directory to replace the file before it is installed in Jenkins, potentially resulting in arbitrary code execution.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:jenkins
Assigner Org ID:39769cd5-e6e2-4dc8-927e-97b3aa056f5b
Published At:20 Sep, 2023 | 16:06
Updated At:02 May, 2025 | 15:32
Rejected At:
▼CVE Numbering Authority (CNA)

Jenkins 2.423 and earlier, LTS 2.414.1 and earlier creates a temporary file in the system temporary directory with the default permissions for newly created files when installing a plugin from a URL, potentially allowing attackers with access to the system temporary directory to replace the file before it is installed in Jenkins, potentially resulting in arbitrary code execution.

Affected Products
Vendor
JenkinsJenkins Project
Product
Jenkins
Default Status
affected
Versions
Unaffected
  • From 2.424 before * (maven)
  • From 2.414.2 before 2.414.* (maven)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3072
vendor-advisory
http://www.openwall.com/lists/oss-security/2023/09/20/5
N/A
Hyperlink: https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3072
Resource:
vendor-advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2023/09/20/5
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3072
vendor-advisory
x_transferred
http://www.openwall.com/lists/oss-security/2023/09/20/5
x_transferred
Hyperlink: https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3072
Resource:
vendor-advisory
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2023/09/20/5
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-276CWE-276 Incorrect Default Permissions
Type: CWE
CWE ID: CWE-276
Description: CWE-276 Incorrect Default Permissions
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:jenkinsci-cert@googlegroups.com
Published At:20 Sep, 2023 | 17:15
Updated At:02 May, 2025 | 16:15

Jenkins 2.423 and earlier, LTS 2.414.1 and earlier creates a temporary file in the system temporary directory with the default permissions for newly created files when installing a plugin from a URL, potentially allowing attackers with access to the system temporary directory to replace the file before it is installed in Jenkins, potentially resulting in arbitrary code execution.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches

Jenkins
jenkins
>>jenkins>>Versions before 2.414.2(exclusive)
cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
Jenkins
jenkins
>>jenkins>>Versions before 2.424(exclusive)
cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*
Weaknesses
CWE IDTypeSource
CWE-276Primarynvd@nist.gov
CWE-276Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-276
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-276
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://www.openwall.com/lists/oss-security/2023/09/20/5jenkinsci-cert@googlegroups.com
Mailing List
Third Party Advisory
https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3072jenkinsci-cert@googlegroups.com
Vendor Advisory
http://www.openwall.com/lists/oss-security/2023/09/20/5af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3072af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2023/09/20/5
Source: jenkinsci-cert@googlegroups.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3072
Source: jenkinsci-cert@googlegroups.com
Resource:
Vendor Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2023/09/20/5
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3072
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

237Records found

CVE-2021-41635
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.93% / 77.57%
||
7 Day CHG~0.00%
Published-24 Jun, 2022 | 11:46
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When installed as Windows service MELAG FTP Server 2.2.0.4 is run as SYSTEM user, which grants remote attackers to abuse misconfigurations or vulnerabilities with administrative access over the entire host system.

Action-Not Available
Vendor-melagn/aMicrosoft Corporation
Product-ftp_serverwindowsn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-40416
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.1||HIGH
EPSS-0.87% / 54.28%
||
7 Day CHG~0.00%
Published-28 Jan, 2022 | 19:10
Updated-15 Apr, 2025 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. All the Get APIs that are not included in cgi_check_ability are already executable by any logged-in users. An attacker can send an HTTP request to trigger this vulnerability.

Action-Not Available
Vendor-n/aReolink Innovation Limited
Product-rlc-410w_firmwarerlc-410wn/a
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-39273
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.67% / 83.92%
||
7 Day CHG~0.00%
Published-19 Aug, 2021 | 11:59
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In XeroSecurity Sn1per 9.0 (free version), insecure permissions (0777) are set upon application execution, allowing an unprivileged user to modify the application, modules, and configuration files. This leads to arbitrary code execution with root privileges.

Action-Not Available
Vendor-xerosecurityn/a
Product-sn1pern/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2018-10604
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.8||HIGH
EPSS-1.64% / 73.51%
||
7 Day CHG~0.00%
Published-24 Jul, 2018 | 13:00
Updated-16 Sep, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SEL Compass version 3.0.5.1 and prior allows all users full access to the SEL Compass directory, which may allow modification or overwriting of files within the Compass installation folder, resulting in escalation of privilege and/or malicious code execution.

Action-Not Available
Vendor-Schweitzer Engineering Laboratories, Inc. (SEL)
Product-sel_compassCompass
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-29005
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.83% / 76.22%
||
7 Day CHG~0.00%
Published-11 Oct, 2021 | 12:04
Updated-03 Aug, 2024 | 21:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure permission of chmod command on rConfig server 3.9.6 exists. After installing rConfig apache user may execute chmod as root without password which may let an attacker with low privilege to gain root access on server.

Action-Not Available
Vendor-rconfign/a
Product-rconfign/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-37878
Matching Score-4
Assigner-Switzerland National Cyber Security Centre (NCSC)
ShareView Details
Matching Score-4
Assigner-Switzerland National Cyber Security Centre (NCSC)
CVSS Score-6.1||MEDIUM
EPSS-0.43% / 34.73%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 08:16
Updated-26 Sep, 2024 | 14:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insecure Default Permissions in Wing FTP Server <= 7.2.0

Insecure default permissions in Wing FTP Server (Admin Web Client) allows for privilege escalation.This issue affects Wing FTP Server: <= 7.2.0.

Action-Not Available
Vendor-wftpserverWing FTP Server
Product-wing_ftp_serverWing FTP Server
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-31462
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.92% / 55.85%
||
7 Day CHG~0.00%
Published-20 Jul, 2023 | 00:00
Updated-28 Oct, 2024 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in SteelSeries GG 36.0.0. An attacker can change values in an unencrypted database that is writable for all users on the computer, in order to trigger code execution with higher privileges.

Action-Not Available
Vendor-steelseriesn/a
Product-ggn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-25355
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.50% / 82.77%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 00:00
Updated-13 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CoreDial sipXcom up to and including 21.04 is vulnerable to Insecure Permissions. A user who has the ability to run commands as the `daemon` user on a sipXcom server can overwrite a service file, and escalate their privileges to `root`.

Action-Not Available
Vendor-coredialn/a
Product-sipxcomn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-22951
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.83% / 52.97%
||
7 Day CHG~0.00%
Published-13 Apr, 2023 | 00:00
Updated-07 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in TigerGraph Enterprise Free Edition 3.x. It creates an authentication token for internal systems use. This token can be read from the configuration file. Using this token on the REST API provides an attacker with anonymous admin-level privileges on all REST API endpoints.

Action-Not Available
Vendor-tigergraphn/a
Product-tigergraph_enterprisecloudn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2015-9477
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.35% / 68.16%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 16:17
Updated-06 Aug, 2024 | 08:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates.

Action-Not Available
Vendor-vernissage_projectn/a
Product-vernissagen/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2015-9474
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.49% / 70.92%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 16:15
Updated-06 Aug, 2024 | 08:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates.

Action-Not Available
Vendor-simpolio_projectn/a
Product-simpolion/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-34164
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.77% / 50.99%
||
7 Day CHG~0.00%
Published-17 Feb, 2023 | 00:00
Updated-18 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permissions vulnerability in LIZHIFAKA v.2.2.0 allows authenticated attacker to execute arbitrary commands via the set password function in the admin/index/email location.

Action-Not Available
Vendor-lizhifaka_projectn/a
Product-lizhifakan/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-3394
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-5.79% / 92.21%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 14:51
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Millennium Millewin (also known as "Cartella clinica") 13.39.028, 13.39.28.3342, and 13.39.146.1 has insecure folder permissions allowing a malicious user for a local privilege escalation.

Action-Not Available
Vendor-millewinn/a
Product-millewinn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2014-2721
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.29% / 81.10%
||
7 Day CHG~0.00%
Published-19 Mar, 2020 | 15:48
Updated-06 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect.

Action-Not Available
Vendor-n/aFortinet, Inc.
Product-fortibalancer_400_firmwarefortibalancer_2000_firmwarefortibalancer_1000_firmwarefortibalancer_3000_firmwarefortibalancer_3000fortibalancer_1000fortibalancer_400fortibalancer_2000n/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2014-2722
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.69% / 74.22%
||
7 Day CHG~0.00%
Published-19 Mar, 2020 | 15:33
Updated-06 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect.

Action-Not Available
Vendor-n/aFortinet, Inc.
Product-fortibalancer_400_firmwarefortibalancer_2000_firmwarefortibalancer_1000_firmwarefortibalancer_3000_firmwarefortibalancer_3000fortibalancer_1000fortibalancer_400fortibalancer_2000n/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2014-2723
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.69% / 74.22%
||
7 Day CHG~0.00%
Published-19 Mar, 2020 | 15:52
Updated-06 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect.

Action-Not Available
Vendor-n/aFortinet, Inc.
Product-fortibalancer_400_firmwarefortibalancer_2000_firmwarefortibalancer_1000_firmwarefortibalancer_3000_firmwarefortibalancer_3000fortibalancer_1000fortibalancer_400fortibalancer_2000n/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-57625
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.54% / 41.32%
||
7 Day CHG~0.00%
Published-16 Sep, 2025 | 00:00
Updated-17 Sep, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CYRISMA Sensor before 444 for Windows has an Insecure Folder and File Permissions vulnerability. A low-privileged user can abuse these issues to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM by replacing DataSpotliteAgent.exe or any other binaries called by the Cyrisma_Agent service when it starts

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-42098
Matching Score-4
Assigner-Devolutions Inc.
ShareView Details
Matching Score-4
Assigner-Devolutions Inc.
CVSS Score-8.8||HIGH
EPSS-1.60% / 72.87%
||
7 Day CHG~0.00%
Published-18 Oct, 2021 | 13:22
Updated-04 Aug, 2024 | 03:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An incomplete permission check on entries in Devolutions Remote Desktop Manager before 2021.2.16 allows attackers to bypass permissions via batch custom PowerShell.

Action-Not Available
Vendor-Devolutions
Product-remote_desktop_managerRemote Desktop Manager
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-46014
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.35% / 27.31%
||
7 Day CHG~0.00%
Published-30 Jun, 2025 | 00:00
Updated-15 Oct, 2025 | 20:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Several services in Honor Device Co., Ltd Honor PC Manager v16.0.0.118 was discovered to connect services to the named pipe iMateBookAssistant with default or overly permissive security attributes, leading to a privilege escalation.

Action-Not Available
Vendor-n/aHonor Device Co., Ltd.
Product-pc_managern/a
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-284
Improper Access Control
CVE-2021-28271
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.87% / 76.74%
||
7 Day CHG~0.00%
Published-27 Apr, 2021 | 12:51
Updated-03 Aug, 2024 | 21:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Soyal Technologies SOYAL 701Server 9.0.1 suffers from an elevation of privileges vulnerability which can be used by an authenticated user to change the executable file with a binary choice. The vulnerability is due to improper permissions with the 'F' flag (Full) for 'Everyone'and 'Authenticated Users' group.

Action-Not Available
Vendor-soyaln/a
Product-701server701clientsql701serversqln/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-48199
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.69% / 48.23%
||
7 Day CHG~0.00%
Published-24 Jan, 2023 | 00:00
Updated-02 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SoftPerfect NetWorx 7.1.1 on Windows allows an attacker to execute a malicious binary with potentially higher privileges via a low-privileged user account that abuses the Notifications function. The Notifications function allows for arbitrary binary execution and can be modified by any user. The resulting binary execution will occur in the context of any user running NetWorx. If an attacker modifies the Notifications function to execute a malicious binary, the binary will be executed by every user running NetWorx on that system.

Action-Not Available
Vendor-softperfectn/aMicrosoft Corporation
Product-networxwindowsn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-46382
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.62% / 45.58%
||
7 Day CHG~0.00%
Published-06 Dec, 2022 | 00:00
Updated-23 Apr, 2025 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has Insecure Permissions. After signing into Digital Rebar, users are issued authentication tokens tied to their account to perform actions within Digital Rebar. During the validation process of these tokens, Digital Rebar did not check if the user account still exists. Deleted Digital Rebar users could still use their tokens to perform actions within Digital Rebar.

Action-Not Available
Vendor-racknn/a
Product-digital_rebarn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-45562
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.00% / 58.65%
||
7 Day CHG~0.00%
Published-02 Dec, 2022 | 00:00
Updated-24 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to v1.4.9 allow attackers to manipulate and access system settings with backdoor account low privilege, this can lead to change hardware settings and execute arbitrary commands in vulnerable system functions that is requires high privilege to access.

Action-Not Available
Vendor-telosalliancen/a
Product-omnia_mpx_nodeomnia_mpx_node_firmwaren/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-1833
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.80% / 52.13%
||
7 Day CHG~0.00%
Published-21 Jun, 2022 | 14:23
Updated-03 Aug, 2024 | 00:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in AMQ Broker Operator 7.9.4 installed via UI using OperatorHub where a low-privilege user that has access to the namespace where the AMQ Operator is deployed has access to clusterwide edit rights by checking the secrets. The service account used for building the Operator gives more permission than expected and an attacker could benefit from it. This requires at least an already compromised low-privilege account or insider attack.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-amq_brokerAMQ Broker Operator
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-9408
Matching Score-4
Assigner-TIBCO Software Inc.
ShareView Details
Matching Score-4
Assigner-TIBCO Software Inc.
CVSS Score-9.9||CRITICAL
EPSS-1.27% / 66.22%
||
7 Day CHG~0.00%
Published-11 Mar, 2020 | 19:55
Updated-16 Sep, 2024 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TIBCO Spotfire Server Script Trust Problem Exposes Remote Code Execution Vulnerability

The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker with write permissions to the Spotfire Library, but not "Script Author" group permission, to modify attributes of files and objects saved to the library such that the system treats them as trusted. This could allow an attacker to cause the Spotfire Web Player, Analyst clients, and TERR Service into executing arbitrary code with the privileges of the system account that started those processes. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: versions 10.8.0 and below and TIBCO Spotfire Server: versions 7.11.9 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.3.0, 10.3.1, 10.3.2, 10.3.3, 10.3.4, 10.3.5, and 10.3.6, versions 10.4.0, 10.5.0, 10.6.0, 10.6.1, 10.7.0, and 10.8.0.

Action-Not Available
Vendor-TIBCO (Cloud Software Group, Inc.)
Product-spotfire_serverspotfire_analytics_platform_for_awsTIBCO Spotfire Analytics Platform for AWS MarketplaceTIBCO Spotfire Server
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-5353
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-8.8||HIGH
EPSS-0.97% / 57.64%
||
7 Day CHG~0.00%
Published-29 Jul, 2021 | 15:55
Updated-17 Sep, 2024 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system.

Action-Not Available
Vendor-Dell Inc.
Product-emc_isilon_onefsemc_powerscale_onefsIsilon OneFS
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-3187
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.64% / 46.37%
||
7 Day CHG~0.00%
Published-11 Dec, 2023 | 00:00
Updated-27 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in BeyondTrust Privilege Management for Mac before 5.7. An authenticated, unprivileged user can elevate privileges by running a malicious script (that executes as root from a temporary directory) during install time. (This applies to macOS before 10.15.5, or Security Update 2020-003 on Mojave and High Sierra, Later versions of macOS are not vulnerable.)

Action-Not Available
Vendor-n/aBeyondTrust CorporationApple Inc.
Product-privilege_management_for_macmac_os_xn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-28906
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-4.73% / 90.75%
||
7 Day CHG~0.00%
Published-24 May, 2021 | 12:43
Updated-04 Aug, 2024 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect File Permissions in Nagios XI 5.7.5 and earlier and Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root. Low-privileged users are able to modify files that are included (aka sourced) by scripts executed by root.

Action-Not Available
Vendor-n/aNagios Enterprises, LLC
Product-nagios_xifusionn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-26180
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-6.3||MEDIUM
EPSS-0.59% / 44.03%
||
7 Day CHG~0.00%
Published-28 Jul, 2021 | 00:05
Updated-17 Sep, 2024 | 02:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell EMC Isilon OneFS supported versions 8.1 and later and Dell EMC PowerScale OneFS supported version 9.0.0 contain an access issue with the remotesupport user account. A remote malicious user with low privileges may gain access to data stored on the /ifs directory through most protocols.

Action-Not Available
Vendor-Dell Inc.
Product-emc_isilon_onefsemc_powerscale_onefsPowerScale OneFS
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-21514
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.79% / 51.63%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 00:00
Updated-09 Jun, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Fluent-ui v.1.2.2 allows attackers to gain escalated privileges and execute arbitrary code due to a default password.

Action-Not Available
Vendor-fluentdn/a
Product-fluentd-uifluentdn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-14156
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.81% / 75.95%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 17:35
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions.

Action-Not Available
Vendor-openbmc-projectn/a
Product-openbmcn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-11955
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.31% / 67.22%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 13:03
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Rittal PDU-3C002DEC through 5.15.70 and CMCIII-PU-9333E0FB through 3.15.70 devices. There are insecure permissions.

Action-Not Available
Vendor-rittaln/a
Product-cmciii-pu-9333e0fb_firmwarepdu-3c002dec_firmwareiot_interface_3124.300lcp-cw_firmwarecmc_iii_pu_7030.000_firmwarecmciii-pu-9333e0fbpdu-3c002declcp-cwcmc_iii_pu_7030.000n/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-12075
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.3||MEDIUM
EPSS-1.04% / 59.85%
||
7 Day CHG~0.00%
Published-23 Apr, 2020 | 02:00
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks capability checks for AJAX actions.

Action-Not Available
Vendor-supsysticn/a
Product-data_tables_generatorn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2015-9476
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.35% / 68.16%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 16:16
Updated-06 Aug, 2024 | 08:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Teardrop theme 1.8.1 for WordPress has insufficient restrictions on option updates.

Action-Not Available
Vendor-teardrop_projectn/a
Product-teardropn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-9679
Matching Score-4
Assigner-Dahua Technologies
ShareView Details
Matching Score-4
Assigner-Dahua Technologies
CVSS Score-8.8||HIGH
EPSS-0.86% / 54.11%
||
7 Day CHG~0.00%
Published-18 Sep, 2019 | 18:32
Updated-04 Aug, 2024 | 21:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some of Dahua's Debug functions do not have permission separation. Low-privileged users can use the Debug function after logging in. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18,2019.

Action-Not Available
Vendor-Dahua Technology Co., Ltd
Product-ipc-hdw1x2x_firmwareipc-hdw5x2x_firmwareipc-hfw4x2x_firmwareipc-hfw1x2x_firmwareipc-hfw2x2x_firmwareipc-hfw2x2xipc-hdbw4x2xipc-hfw4x2xipc-hdw4x2xipc-hfw5x2x_firmwareipc-hfw1x2xipc-hdw5x2xipc-hdw2x2x_firmwareipc-hdbw4x2x_firmwareipc-hdw2x2xipc-hdw4x2x_firmwareipc-hdw1x2xipc-hfw5x2xIPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-19475
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.55% / 83.13%
||
7 Day CHG~0.00%
Published-10 Jan, 2020 | 21:18
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ManageEngine Applications Manager 14 with Build 14360. Integrated PostgreSQL which is built-in in Applications Manager is prone to attack due to lack of file permission security. The malicious users who are in “Authenticated Users” group can exploit privilege escalation and modify PostgreSQL configuration to execute arbitrary command to escalate and gain full system privilege user access and rights over the system.

Action-Not Available
Vendor-n/aZoho Corporation Pvt. Ltd.
Product-manageengine_applications_managern/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-19202
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.00% / 58.69%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 19:54
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Vtiger 7.x before 7.2.0, the My Preferences saving functionality allows a user without administrative privileges to change his own role by adding roleid=H2 to a POST request.

Action-Not Available
Vendor-vtigern/a
Product-vtiger_crmn/a
CWE ID-CWE-276
Incorrect Default Permissions
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found