Описание
In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or execution of newly created files and directories. Insecure umask setting was present throughout the Versa servers.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 16.1r2s11 (исключая)Версия от 20.2.0 (включая) до 20.2.2 (исключая)Версия от 21.1.0 (включая) до 21.1.1 (исключая)
Одно из
cpe:2.3:o:versa-networks:versa_operating_system:*:*:*:*:*:*:*:*
cpe:2.3:o:versa-networks:versa_operating_system:*:*:*:*:*:*:*:*
cpe:2.3:o:versa-networks:versa_operating_system:*:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00825
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-377
CWE-668
Связанные уязвимости
github
больше 3 лет назад
In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or execution of newly created files and directories. Insecure umask setting was present throughout the Versa servers.
EPSS
Процентиль: 74%
0.00825
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-377
CWE-668