Описание
Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:sun:cobalt_raq_2:*:*:*:*:*:*:*:*
cpe:2.3:h:sun:cobalt_raq_3i:*:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.0037
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files.
EPSS
Процентиль: 58%
0.0037
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other