CWE-276 (缺省权限不正确) — Vulnerability Class 447

447 vulnerabilities classified as CWE-276 (缺省权限不正确). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2020-8907	Priviged Escalation in Google Cloud Platform's Guest-OSLogin — guest-oslogin	8.8	-	2020-06-22
CVE-2020-10782	Red Hat Ansible 信息泄露漏洞 — Ansible Tower	6.5	Medium	2020-06-18
CVE-2020-8018	User owned /etc in SLES15-SP1-CHOST-BYOS — SUSE Linux Enterprise Server 15 SP1	8.4	High	2020-05-04
CVE-2020-1985	Secdo: Incorrect Default Permissions — Secdo	7.8	High	2020-04-08
CVE-2020-7004	VISAM VBASE Editor和VBASE Web-Remote Module 路径遍历漏洞 — VBASE Editor	7.3	-	2020-04-03
CVE-2020-7943	Puppet和PuppetDB 信息泄露漏洞 — Puppet Enterprise 2018.1.x stream	7.1	-	2020-03-11
CVE-2020-5342	Dell Digital Delivery 安全漏洞 — Dell Digital Delivery (Cirrus)	7.8	High	2020-03-09
CVE-2019-17103	Get-task-allow entitlement via BDLDaemon on macOS — Bitdefender AV for Mac	4.9	Medium	2020-01-27
CVE-2019-18900	libzypp stores cookies world readable — CaaS Platform 3.0	4.0	Medium	2020-01-24
CVE-2019-3687	"easy" permission profile allows everyone execute dumpcap and read all network traffic — SUSE Linux Enterprise Server	4.0	Medium	2020-01-24
CVE-2019-14861	Samba 输入验证错误漏洞 — samba	5.3	-	2019-12-10
CVE-2019-3688	squid: /usr/sbin/pinger packaged with wrong permission — SUSE Linux Enterprise Server 15	5.1	Medium	2019-10-07
CVE-2019-3689	nfs-utils: root-owned files stored in insecure /var/lib/nfs directory — SUSE Linux Enterprise Server 12	5.1	Medium	2019-09-19
CVE-2019-3870	Samba 授权问题漏洞 — samba	6.3	-	2019-04-09
CVE-2018-13287	Synology Router Manager 权限许可和访问控制问题漏洞 — Synology Router Manager (SRM)	6.5	-	2019-04-01
CVE-2018-13286	Synology DiskStation Manager 信息泄露漏洞 — DiskStation Manager (DSM)	4.3	-	2019-04-01
CVE-2018-10605	Martem TELEM GW6/GWM 权限许可和访问控制问题漏洞 — TELEM-GW6/GWM	8.8	-	2018-10-01
CVE-2018-8848	Philips e-Alert 安全漏洞 — e-Alert Unit (non-medical device)	9.8	-	2018-09-26
CVE-2018-11453	Siemens SIMATIC STEP 7和WinCC 安全漏洞 — SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15	8.4	-	2018-08-07
CVE-2018-11454	Siemens SIMATIC STEP 7和WinCC 安全漏洞 — SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14, SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15	8.4	-	2018-08-07
CVE-2017-3209	The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user — U818A WiFi Quadcopter Drone	8.1	-	2018-07-24
CVE-2017-3210	Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution — SDK	7.8	-	2018-07-24
CVE-2018-10604	SEL Compass 安全漏洞 — Compass	7.8	-	2018-07-24
CVE-2018-7533	OSIsoft PI Data Archive 安全漏洞 — OSIsoft PI Data Archive	7.8	-	2018-03-14
CVE-2017-12699	AzeoTech DAQFactory 安全漏洞 — AzeoTech DAQFactory	5.5	-	2017-09-09
CVE-2017-11156	Synology Download Station 安全漏洞 — Synology Download Station	7.8	-	2017-08-14
CVE-2017-7968	Schneider Electric Wonderware InduSoft Web Studio 安全漏洞 — Schneider Electric Wonderware InduSoft Web Studio	7.8	-	2017-05-19

Vulnerabilities classified as CWE-276 (缺省权限不正确) represent 447 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-276 (缺省权限不正确) — Vulnerability Class 447