Affected configuration(s):
cpe:/a:advantech:webaccess:8.2
Date published: 2017-08-30T14:29:00.967-04:00
Date last modified: 2017-09-05T10:03:14.667-04:00
CVSS Score: 4.6
Principal attack vector: LOCAL
Complexity: LOW
Reference URL: http://www.securityfocus.com/bid/100526
Summary: An Incorrect Permission Assignment for Critical Resource issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Multiple files and folders with ACLs that affect other users are allowed to be modified by non-administrator accounts.