Lucene search

K
prionPRIOn knowledge basePRION:CVE-2011-2729
HistoryAug 15, 2011 - 9:55 p.m.

Authentication flaw

2011-08-1521:55:00
PRIOn knowledge base
www.prio-n.com
6

6.9 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.8%

native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.

References

6.9 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.8%