CVE-2014-8327CVE-2014-8327

Affected configuration(s):

cpe:/a:fal_sftp_project:fal_sftp:0.2.4::~~~typo3~~
cpe:/a:fal_sftp_project:fal_sftp:0.2.5::~~~typo3~~

Date published: 2014-10-27T11:55:25.157-04:00

Date last modified: 2017-09-07T21:29:22.513-04:00

CVSS Score: 4.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://typo3.org/extensions/repository/view/fal_sftp

Summary: The fal_sftp extension before 0.2.6 for TYPO3 uses weak permissions for sFTP driver files and folders, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.