2 matches found
CVE-2021-4016 Rapid7 Insight Agent Improper Access Control
Rapid7 Insight Agent, versions prior to 3.1.3, suffer from an improper access control vulnerability whereby, the user has access to the snapshot directory. An attacker can access, read and copy any of the files in this directory e.g. assetinfo.json or fileinfo.json, leading to a loss of...
CVE-2021-4016
CVE-2021-4016 affects Rapid7 Insight Agent prior to 3.1.3, where improper access control allows local users to read the snapshot directory and copy files (e.g., asset_info.json, file_info.json), causing confidentiality loss. Root cause is lack of proper privilege restrictions for files in the sna...