Juniper JSNAPy CVE-2018-0023 Local Insecure File Permissions Vulnerability
BID:103745
CVE-2018-23 |Info
Juniper JSNAPy CVE-2018-0023 Local Insecure File Permissions Vulnerability
| Bugtraq ID: | 103745 |
| Class: | Design Error |
| CVE: |
CVE-2018-0023 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 11 2018 12:00AM |
| Updated: | Apr 11 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Juniper JSNAPy 1.2.1 Juniper JSNAPy 1.2 |
| Not Vulnerable: |
Juniper JSNAPy 1.3 |
Discussion
Juniper JSNAPy CVE-2018-0023 Local Insecure File Permissions Vulnerability
Juniper JSNAPy is prone to a local insecure-file-permissions vulnerability.
A local attacker can exploit this issue by gaining access to a world-readable file and extracting sensitive information from it. Information obtained may aid in other attacks.
Versions prior to Juniper JSNAPy 1.3.0 are vulnerable.
Juniper JSNAPy is prone to a local insecure-file-permissions vulnerability.
A local attacker can exploit this issue by gaining access to a world-readable file and extracting sensitive information from it. Information obtained may aid in other attacks.
Versions prior to Juniper JSNAPy 1.3.0 are vulnerable.
Solution / Fix
Juniper JSNAPy CVE-2018-0023 Local Insecure File Permissions Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Juniper JSNAPy CVE-2018-0023 Local Insecure File Permissions Vulnerability
References:
References: