PT-2014-6479 · Zarafa · Zarafa

Published

2014-09-22

Updated

2017-09-08

CVE-2014-5448

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Zarafa version 5.00

Description The issue allows local users to obtain sensitive information by reading the log files due to world-readable permissions for the files in the log directory.

Recommendations For Zarafa version 5.00, consider changing the permissions of the log directory to restrict access and prevent unauthorized reading of log files.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2014-5448

MGASA-2014-0380

Affected Products

Zarafa

PT-2014-6479 · Zarafa · Zarafa

CVE-2014-5448

Weakness Enumeration

Related Identifiers

Affected Products

References · 12