CWE-276 - Incorrect Default Permissions

Description

The software, upon installation, sets incorrect permissions for an object that exposes it to an unintended actor. The weakness is introduced during Architecture and Design, Implementation, Installation, Operation stages.

Latest vulnerabilities for CWE-276

Information disclosure in Postgresql JDBC Driver 2022-11-23
Low Yes

Information disclosure in IBM CICS TX 2022-11-21
Low Yes

Multiple vulnerabilities in Dell VxRail 2022-11-17
Critical Yes

Privilege escalation in Zoom Client for Meetings Installer for macOS 2022-11-16
Low Yes

Privilege escalation in Zoom Rooms Installer for Windows 2022-11-16
Low Yes

Multiple vulnerabilities in Intel Support Android App 2022-11-09
Low Yes

Multiple vulnerabilities in Intel NUC Kit Wireless Adapter 2022-11-09
Low Yes

Multiple vulnerabilities in Dell EMC Unity Family, Dell EMC Unity XT Family 2022-11-03
High Yes

Multiple vulnerabilities in Dell EMC Data Domain 2022-10-28
Low Yes

Multiple vulnerabilities in Apple macOS Ventura 2022-10-25
High Yes

References

Description of CWE-276 on Mitre website