Intersystems: >> Cache Database >> 5 Security Vulnerabilities
Unspecified vulnerability in the %template package in InterSystems Cache' 5.0 allows attackers to access certain files on a server, including (1) cache.key and (2) cache.dat, related to .csp files under (a) Dev\studio\templates and (b) Devuser\studio\templates.
CVSS Score
2.1
EPSS Score
0.001
Published
2004-12-31
Unspecified vulnerability in the Cache' Server Page (CSP) implementation in InterSystems Cache' 4.0.3 through 5.0.5 allows remote attackers to "gain complete control" of a server.
CVSS Score
10.0
EPSS Score
0.011
Published
2003-12-31
Caché Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local users to gain privileges by modifying cache and executing it via cuxs.
CVSS Score
7.2
EPSS Score
0.001
Published
2003-08-07
Caché Database 5.x installs the /cachesys/csp directory with insecure permissions, which allows local users to execute arbitrary code by adding server-side scripts that are executed with root privileges.
CVSS Score
7.2
EPSS Score
0.001
Published
2003-08-07