PT-2018-13221 · Accupos · Accupos
Published
2018-08-23
·
Updated
2020-08-24
·
CVE-2018-15809
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
AccuPOS version 2017.8
Description
The issue concerns an insecure permission setting, specifically "Authenticated Users: Modify", applied to files within the installation path. This setting may enable local attackers to compromise the integrity of critical resource and executable files.
Recommendations
For AccuPOS version 2017.8, consider changing the permission setting from "Authenticated Users: Modify" to a more restrictive setting to prevent local attackers from modifying critical files.
Fix
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Accupos