Lucene search

K

MitreCVELIST:CVE-2014-5447

HistoryOct 20, 2014 - 3:00 p.m.

CVE-2014-5447

2014-10-2015:00:00

mitre

www.cve.org

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.6%

Zarafa WebAccess 7.1.10 and WebApp 1.6 beta uses weak permissions (644) for config.php, which allows local users to obtain sensitive information by reading the PHP session files. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0103.

References

advisories.mageia.org/MGASA-2014-0380.html

seclists.org/oss-sec/2014/q3/444

seclists.org/oss-sec/2014/q3/445

www.mandriva.com/security/advisories?name=MDVSA-2014:182

www.securityfocus.com/bid/69362

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.6%

Related for CVELIST:CVE-2014-5447

cve2 ubuntucve1 prion2 nvd2 nessus5 openvas9 cvelist1 fedora8 mageia1 securityvulns2