Описание
Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/ directory. A regular local user is able to read and write to all the configuration files, e.g., modify the application server configuration.
Ссылки
- ExploitThird Party Advisory
- Release NotesVendor Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- Release NotesVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.8.5 (включая)
cpe:2.3:a:wowza:streaming_engine:*:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00035
Низкий
7.1 High
CVSS3
3.6 Low
CVSS2
Дефекты
CWE-732
Связанные уязвимости
github
больше 3 лет назад
Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/ directory. A regular local user is able to read and write to all the configuration files, e.g., modify the application server configuration.
EPSS
Процентиль: 10%
0.00035
Низкий
7.1 High
CVSS3
3.6 Low
CVSS2
Дефекты
CWE-732