Common Weakness Enumeration

CWE-281

Allowed

Improper Preservation of Permissions

Abstraction: Base · Status: Draft

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

432 vulnerabilities reference this CWE, most recent first.

GHSA-76CF-8M83-6VV8

Vulnerability from github – Published: 2022-03-11 00:02 – Updated: 2022-03-17 00:01
VLAI
Details

Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure permissions, which allows unprivileged local users to elevate privileges to SYSTEM via the "Browse For Folder" window accessible by triggering a "Repair" on the MSI package located in C:\Windows\Installer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-24618"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-10T17:46:00Z",
    "severity": "HIGH"
  },
  "details": "Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure permissions, which allows unprivileged local users to elevate privileges to SYSTEM via the \"Browse For Folder\" window accessible by triggering a \"Repair\" on the MSI package located in C:\\Windows\\Installer.",
  "id": "GHSA-76cf-8m83-6vv8",
  "modified": "2022-03-17T00:01:25Z",
  "published": "2022-03-11T00:02:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24618"
    },
    {
      "type": "WEB",
      "url": "https://support.heimdalsecurity.com/hc/en-us/articles/4425942979473-2-5-398-PROD-and-2-5-401-RC"
    },
    {
      "type": "WEB",
      "url": "http://heimdal.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-76F2-5PMW-P3QG

Vulnerability from github – Published: 2025-01-14 00:30 – Updated: 2025-01-23 18:31
VLAI
Details

Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can edit their own ACL rules by sending a request to the "AclList/SaveAclRules" administrative function.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-42228"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-13T22:15:10Z",
    "severity": "HIGH"
  },
  "details": "Pat Infinite Solutions HelpdeskAdvanced \u003c= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can edit their own ACL rules by sending a request to the \"AclList/SaveAclRules\" administrative function.",
  "id": "GHSA-76f2-5pmw-p3qg",
  "modified": "2025-01-23T18:31:15Z",
  "published": "2025-01-14T00:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42228"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/daniele_m/cve-list/-/blob/main/README.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-77R2-Q4C3-V635

Vulnerability from github – Published: 2022-12-19 09:30 – Updated: 2023-01-04 18:31
VLAI
Details

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not be pruned from the network) even though it continuously misbehaves by never forwarding topic messages.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-47547"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-19T09:15:00Z",
    "severity": "MODERATE"
  },
  "details": "GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not be pruned from the network) even though it continuously misbehaves by never forwarding topic messages.",
  "id": "GHSA-77r2-q4c3-v635",
  "modified": "2023-01-04T18:31:01Z",
  "published": "2022-12-19T09:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-47547"
    },
    {
      "type": "WEB",
      "url": "https://arxiv.org/pdf/2212.05197.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-79RC-QPW3-JV92

Vulnerability from github – Published: 2026-04-22 18:31 – Updated: 2026-07-06 21:53
VLAI
Summary
Duplicate Advisory: uutils coreutils has an Improper Preservation of Permissions issue
Details

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-r9hw-mj3w-phcq. This link is maintained to preserve external references.

Original Description

The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If labeling fails, the utility attempts cleanup using std::fs::remove_dir, which cannot remove device nodes or FIFOs. This leaves mislabeled nodes behind with incorrect default contexts, potentially allowing unauthorized access to device nodes that should have been restricted by mandatory access controls.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "coreutils"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.6.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-30T17:29:00Z",
    "nvd_published_at": "2026-04-22T17:16:38Z",
    "severity": "LOW"
  },
  "details": "### Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-r9hw-mj3w-phcq. This link is maintained to preserve external references.\n\n### Original Description\nThe mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If labeling fails, the utility attempts cleanup using std::fs::remove_dir, which cannot remove device nodes or FIFOs. This leaves mislabeled nodes behind with incorrect default contexts, potentially allowing unauthorized access to device nodes that should have been restricted by mandatory access controls.",
  "id": "GHSA-79rc-qpw3-jv92",
  "modified": "2026-07-06T21:53:56Z",
  "published": "2026-04-22T18:31:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35361"
    },
    {
      "type": "WEB",
      "url": "https://github.com/uutils/coreutils/pull/10582"
    },
    {
      "type": "WEB",
      "url": "https://github.com/uutils/coreutils/commit/42b2ad83cdcf6e959ecb378c5040c60d9c64becf"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/uutils/coreutils"
    },
    {
      "type": "WEB",
      "url": "https://github.com/uutils/coreutils/releases/tag/0.6.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Duplicate Advisory: uutils coreutils has an Improper Preservation of Permissions issue",
  "withdrawn": "2026-07-06T21:53:56Z"
}

GHSA-79W4-PM9Q-PR7V

Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2022-05-13 01:47
VLAI
Details

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Kerberos falling back to NT LAN Manager (NTLM) Authentication Protocol as the default authentication protocol, aka "Windows Elevation of Privilege Vulnerability".

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-8563"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-11T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Kerberos falling back to NT LAN Manager (NTLM) Authentication Protocol as the default authentication protocol, aka \"Windows Elevation of Privilege Vulnerability\".",
  "id": "GHSA-79w4-pm9q-pr7v",
  "modified": "2022-05-13T01:47:37Z",
  "published": "2022-05-13T01:47:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8563"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8563"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99402"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7FC5-P6PG-8VRJ

Vulnerability from github – Published: 2025-11-07 00:30 – Updated: 2025-11-07 00:30
VLAI
Details

A flaw was found in the 3scale developer portal. This issue can allow account creation or updates passed through hidden or read-only fields, the contents of which may be altered. This flaw allows an attacker to access or modify restricted information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-12125"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-06T22:15:37Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in the 3scale developer portal. This issue can allow account creation or updates passed through hidden or read-only fields, the contents of which may be altered. This flaw allows an attacker to access or modify restricted information.",
  "id": "GHSA-7fc5-p6pg-8vrj",
  "modified": "2025-11-07T00:30:29Z",
  "published": "2025-11-07T00:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12125"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2024-12125"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330214"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7WFC-5482-X3G7

Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2022-05-13 01:47
VLAI
Details

Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows improperly handling calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability".

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-8562"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-11T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows improperly handling calls to Advanced Local Procedure Call (ALPC), aka \"Windows ALPC Elevation of Privilege Vulnerability\".",
  "id": "GHSA-7wfc-5482-x3g7",
  "modified": "2022-05-13T01:47:37Z",
  "published": "2022-05-13T01:47:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8562"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8562"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99397"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7XJP-F5XM-J9VM

Vulnerability from github – Published: 2024-12-04 18:32 – Updated: 2024-12-11 18:30
VLAI
Details

The Mister org.mistergroup.shouldianswer application 1.4.264 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the org.mistergroup.shouldianswer.ui.default_dialer.DefaultDialerActivity component.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-37575"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-04T16:15:24Z",
    "severity": "HIGH"
  },
  "details": "The Mister org.mistergroup.shouldianswer application 1.4.264 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the org.mistergroup.shouldianswer.ui.default_dialer.DefaultDialerActivity component.",
  "id": "GHSA-7xjp-f5xm-j9vm",
  "modified": "2024-12-11T18:30:40Z",
  "published": "2024-12-04T18:32:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37575"
    },
    {
      "type": "WEB",
      "url": "https://github.com/actuator/org.mistergroup.shouldianswer"
    },
    {
      "type": "WEB",
      "url": "https://github.com/actuator/org.mistergroup.shouldianswer/blob/main/CVE-2024-37575"
    },
    {
      "type": "WEB",
      "url": "https://play.google.com/store/apps/details?id=org.mistergroup.shouldianswer"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-82C6-4WFX-37C3

Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2022-05-24 17:33
VLAI
Details

Improper permissions in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable denial of service via network access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-12353"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-12T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Improper permissions in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable denial of service via network access.",
  "id": "GHSA-82c6-4wfx-37c3",
  "modified": "2022-05-24T17:33:36Z",
  "published": "2022-05-24T17:33:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12353"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00430"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-82Q4-3HM8-GGPH

Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2022-05-24 17:33
VLAI
Details

Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-12334"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-12T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2 may allow an authenticated user to potentially enable escalation of privilege via local access.",
  "id": "GHSA-82q4-3hm8-ggph",
  "modified": "2022-05-24T17:33:35Z",
  "published": "2022-05-24T17:33:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12334"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00417"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.