CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Zarafa: >> Webapp >> 1.6 Security Vulnerabilities

CVE-2014-5447

Zarafa WebAccess 7.1.10 and WebApp 1.6 beta uses weak permissions (644) for config.php, which allows local users to obtain sensitive information by reading the PHP session files. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0103.

CVSS Score

2.1

EPSS Score

0.0

Published

2014-10-20

Page 1

Vulnerabilities

Vulnerable Software

Zarafa: >> Webapp >> 1.6 Security Vulnerabilities

Products

Pricing

Contact Us