SYM_JAVA_0091 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Incorrect Default Permissions
| Property | Value |
|---|---|
| Language | java |
| Severity | |
| CWE | CWE-276: Incorrect Default Permissions |
| OWASP | A01:2021 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
The code sets file permissions that allow all users to read, write, or execute files, which is more access than typically needed. This exposes sensitive files or executables to unauthorized access or modification.
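The pattern described above, next to a hardened form, as an added example that is not part of the rule's own code. The class name, method names, and file names are hypothetical, the secret is a constructed sample value, and the code assumes a POSIX file system:

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.nio.file.attribute.*;
import java.util.EnumSet;
import java.util.Set;

public class DefaultPermissionsExample { // hypothetical class, for illustration only

    // Permission bits that grant access to every local user ("others").
    private static final Set<PosixFilePermission> WORLD = EnumSet.of(
            PosixFilePermission.OTHERS_READ,
            PosixFilePermission.OTHERS_WRITE,
            PosixFilePermission.OTHERS_EXECUTE);

    // Overly permissive: the file is written, then opened up to all users (rwxrwxrwx).
    static Path writeWorldAccessible(Path dir, String secret) throws IOException {
        Path p = dir.resolve("token-insecure.txt");
        Files.write(p, secret.getBytes(StandardCharsets.UTF_8));
        Files.setPosixFilePermissions(p, PosixFilePermissions.fromString("rwxrwxrwx"));
        return p;
    }

    // Hardened: the file is created with owner-only permissions (rw-------) in the
    // creating call itself, so it never exists with wider access, even briefly.
    static Path writeOwnerOnly(Path dir, String secret) throws IOException {
        Path p = dir.resolve("token.txt");
        FileAttribute<Set<PosixFilePermission>> ownerOnly =
                PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rw-------"));
        Files.createFile(p, ownerOnly);
        Files.write(p, secret.getBytes(StandardCharsets.UTF_8));
        return p;
    }

    // Audit helper: returns the "others" bits set on a path (empty set means none).
    static Set<PosixFilePermission> worldBits(Path p) throws IOException {
        EnumSet<PosixFilePermission> found = EnumSet.noneOf(PosixFilePermission.class);
        found.addAll(Files.getPosixFilePermissions(p));
        found.retainAll(WORLD);
        return found;
    }

    public static void main(String[] args) throws IOException {
        Path dir = Files.createTempDirectory("perm-demo"); // constructed sample location
        System.out.println("insecure: " + worldBits(writeWorldAccessible(dir, "constructed-secret")));
        System.out.println("hardened: " + worldBits(writeOwnerOnly(dir, "constructed-secret")));
    }
}
```

The `worldBits` helper can also be pointed at existing configuration or key files to check whether any "others" permission is set on them.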
Impact
Attackers or unauthorized users could read confidential data, modify configuration or program files, or execute scripts and binaries they shouldn't have access to. This can lead to data leaks, privilege escalation, or even compromise of the entire application or system.