CWE-7323 advisories

Incorrect Permission Assignment

What it is

A resource is created with overly broad permissions, exposing it to unauthorized actors.

How to fix it

Upgrade and tighten the permissions on the affected resource.

How to avoid it

Apply least-privilege permissions by default to files, objects and roles.

Known Incorrect Permission Assignment vulnerabilities

OPSEC-MICROSOFT-SAS-2023 — high · Cloud/Microsoft Azure Storage
CLOUD-ACCENTURE-S3-2017 — high · Cloud · AWS/Accenture (Amazon S3)
CLOUD-DEEPROOT-VOTERS-2017 — high · Cloud · AWS/Deep Root Analytics (Amazon S3)

Stateward flags Incorrect Permission Assignment in your own code and dependencies on every pull request.

Scan my repo

Summarize with AI

ChatGPT Claude Perplexity

Sources: CISA KEV (public domain), OSV.dev & GitHub Advisory Database (CC-BY-4.0), FIRST EPSS, NVD/CWE (public domain). Served live from the Stateward advisory database.