7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.5 Medium
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
17.2%
The Security Manager in razorCMS before 0.4 does not verify the permissions of every file owned by the apache user account, which is inconsistent with the documentation and allows local users to have an unspecified impact.
CPE | Name | Operator | Version |
---|---|---|---|
razorcms:razorcms | razorcms | le | 0.3 |
razorcms:razorcms | razorcms | eq | 0.2 |