Insecure Temporary File
CVE-2018-16494
Summary
In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or execution of newly created files and directories. Insecure umask setting was present throughout the Versa servers.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- LOW
- HIGH
- HIGH
CWE-377 - Insecure Temporary File
Creating and using insecure temporary files can leave application and system data vulnerable to attack.
References
Advisory Timeline
- Published