Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-732 (关键资源的不正确权限授予) — Vulnerability Class 445

445 vulnerabilities classified as CWE-732 (关键资源的不正确权限授予). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-46141 Phoenix Contact: Automation Worx and classic line controllers prone to Incorrect Permission Assignment for Critical Resource — Automation Worx Software Suite 9.8 Critical2023-12-14
CVE-2023-0757 Phoenix Contact ProConOS prone to Incorrect Permission Assignment for Critical Resource — MULTIPROG 9.8 Critical2023-12-14
CVE-2023-25648 Weak Folder Permission Vulnerability in ZTE ZXCLOUD iRAI — ZXCLOUD iRAI 6.5 Medium2023-12-14
CVE-2023-49580 Information disclosure in SAP GUI for Windows and SAP GUI for Java — SAP GUI for Windows and SAP GUI for Java 7.3 High2023-12-12
CVE-2023-49578 Denial of service (DOS) in SAP Cloud Connector — SAP Cloud Connector 3.5 Low2023-12-12
CVE-2023-6179 Incorrect Permission assignment to program executable folders — ProWatch 7.8 High2023-11-17
CVE-2023-28134 Local Privliege Escalation in Check Point Endpoint Security Remediation Service — Harmony Endpoint. 7.8 -2023-11-12
CVE-2023-3282 Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine — Cortex XSOAR 6.4 Medium2023-11-08
CVE-2023-42489 EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource — v3.0.6433.1964 7.5 High2023-10-25
CVE-2023-34437 Baker Hughes Bently Nevada 3500 System Incorrect Permission Assignment for Critical Resource — Bently Nevada 3500 System 7.5 High2023-10-18
CVE-2023-44201 Junos OS and Junos OS Evolved: A local attacker can retrieve sensitive information and elevate privileges on the device to an authorized user. — Junos OS 5.0 Medium2023-10-12
CVE-2023-32724 JavaScript engine memory pointers are directly available for Zabbix users for modification — Zabbix 9.1 Critical2023-10-12
CVE-2023-32723 Inefficient permission check in class CControllerAuthenticationUpdate — Zabbix 8.5 High2023-10-12
CVE-2023-45205 Siemens SICAM PAS/PQS 安全漏洞 — SICAM PAS/PQS 7.8 High2023-10-10
CVE-2023-38640 Siemens SICAM PAS/PQS 安全漏洞 — SICAM PAS/PQS 6.6 Medium2023-10-10
CVE-2022-30527 Siemens SINEC NMS 安全漏洞 — SINEC NMS 7.8 High2023-10-10
CVE-2023-44387 Gradle has incorrect permission assignment for symlinked files used in copy or archiving operations — gradle 3.2 Low2023-10-05
CVE-2023-38557 Siemens Spectrum Power 安全漏洞 — Spectrum Power 7 8.2 High2023-09-14
CVE-2023-40622 Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management) — SAP BusinessObjects Business Intelligence Platform (Promotion Management) 9.9 Critical2023-09-12
CVE-2023-4777 Incorrect Permission Assignment on Qualys Container Scanning Connector Plugin 1.6.2.6 and earlier — Container Scanning Connector Jenkins Plugin 3.1 Low2023-09-08
CVE-2023-32162 Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability — Drivers for Windows 7.8 -2023-09-06
CVE-2023-4332 Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file — LSI Storage Authority (LSA) 7.8 -2023-08-15
CVE-2022-39062 Siemens SICAM TOOLBOX II 安全漏洞 — SICAM TOOLBOX II 7.8 High2023-08-08
CVE-2023-3322 Code Execution through overwriting service executable in utilities directory — ABB Ability™ zenon 7.0 High2023-07-24
CVE-2023-28133 Check Point Endpoint Security Client 安全漏洞 — Harmony Endpoint. 7.8 -2023-07-23
CVE-2023-35870 Improper Access Control in SAP S/4HANA (Manage Journal Entry Template) — SAP S/4HANA (Manage Journal Entry Template) 6.3 Medium2023-07-11
CVE-2023-33990 Denial of Service (DoS) vulnerability in SAP SQL Anywhere — SAP SQL Anywhere 7.8 High2023-07-11
CVE-2023-35168 DataEase has a privilege bypass vulnerability — dataease 6.5 Medium2023-06-26
CVE-2022-33163 IBM Security Directory Suite VA information disclosure — Security Directory Suite VA 5.3 Medium2023-06-15
CVE-2023-31142 Discourse's general category permissions could be set back to default — discourse 2.0 Low2023-06-13

Vulnerabilities classified as CWE-732 (关键资源的不正确权限授予) represent 445 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.