CVE-2024-29965

In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the web interface or the command line interface "SSH". The resulting backups are world-readable. A local attacker can recover backup files, restore them to a new malicious appliance, and retrieve the...

CVE-2024-29965

In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the web interface or the command line interface "SSH". The resulting backups are world-readable. A local attacker can recover backup files, restore them to a new malicious appliance, and retrieve the...

CVE-2024-29965 Insecure backup

In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the web interface or the command line interface "SSH". The resulting backups are world-readable. A local attacker can recover backup files, restore them to a new malicious appliance, and retrieve the...

PT-2019-15816 · Red Hat · Ansible Tower

Name of the Vulnerable Software and Affected Versions: Ansible Tower versions 3.6.x before 3.6.2 Description: A flaw was found in Ansible Tower where files in '/var/backup/tower' are left world-readable. These files include both the SECRET KEY and the database backup. Any user with access to the...

CVE-2017-1000362

The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINSHOME with a new key. It also created a backup directory with all old secrets, and the key used to encrypt them. These backups were world-readable and not removed afterwards. Jenkins now deletes the...

DEBIAN-CVE-2005-1855

Backup Manager backup-manager before 0.5.8 creates backup files with world-readable default permissions, which allows local users to obtain sensitive information...