Описание
Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 installs the client installation directories with insecure EVERYBODY permissions, which allows local users to gain sensitive information.
Ссылки
- PatchVendor Advisory
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
- PatchVendor Advisory
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 2.5n_build_1871 (включая)Версия до 3.1_build_2338 (включая)Версия до 3.1a_build_2364 (включая)
Одно из
cpe:2.3:a:groove:groove_workspace:*:*:*:*:*:*:*:*
cpe:2.3:a:groove:virtual_office:*:*:*:*:*:*:*:*
cpe:2.3:a:groove:virtual_office:*:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00107
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 installs the client installation directories with insecure EVERYBODY permissions, which allows local users to gain sensitive information.
EPSS
Процентиль: 29%
0.00107
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other