Vulnerability Details CVE-2014-5448
Zarafa 5.00 uses world-readable permissions for the files in the log directory, which allows local users to obtain sensitive information by reading the log files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.9%
CVSS Severity
CVSS v2 Score 2.1
References
- http://advisories.mageia.org/MGASA-2014-0380.html
- http://seclists.org/oss-sec/2014/q3/444
- http://seclists.org/oss-sec/2014/q3/445
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:182
- http://www.securityfocus.com/bid/69365
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95452
- http://advisories.mageia.org/MGASA-2014-0380.html
- http://seclists.org/oss-sec/2014/q3/444
- http://seclists.org/oss-sec/2014/q3/445
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:182
- http://www.securityfocus.com/bid/69365
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95452