5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.045 Low
EPSS
Percentile
92.5%
Paste Script 1.7.5 and earlier does not properly set group memberships
during execution with root privileges, which might allow remote attackers
to bypass intended file-access restrictions by leveraging a web application
that uses the local filesystem.