Описание
The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | |
| devel | ignored | |
| esm-infra-legacy/trusty | ignored | |
| esm-infra/bionic | ignored | |
| esm-infra/xenial | ignored | |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| oneiric | ignored | end of life |
| precise | ignored | end of life |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files.
The default configuration of nginx, possibly 1.3.13 and earlier, uses ...
The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files.
EPSS
7.5 High
CVSS2