Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses weak permissions (group "other" readable) under opt/open-xchange/etc/, which allows local users to obtain sensitive information via standard filesystem operations.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Open-Xchange Server ‘/opt/open-xchange/etc’不安全文件权限漏洞
Vulnerability Description
Open-Xchange Server是美国Open-Xchange公司的一个半开源项目。该项目主要用于开发协同软件,例如电子邮件、日历等。 Open-Xchange Server 6.22.1-rev13及之前的版本中存在不安全文件权限漏洞,该漏洞源于opt/open-xchange/etc/目录下的配置文件使用弱权限(组‘其他’可读)。本地攻击者可通过标准的文件系统操作利用该漏洞获得敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A