Nginx · Nginx · CVE-2013-0337
**Name of the Vulnerable Software and Affected Versions**
nginx versions 1.3.13 and earlier
**Description**
The default configuration of nginx uses world-readable permissions for the access.log and error.log files. This allows local users to obtain sensitive information by reading these files.
**Recommendations**
For versions 1.3.13 and earlier, consider changing the permissions of the access.log and error.log files to restrict read access to authorized users only.