CVE-2021-44216

medium

Description

Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions that may allow unauthorized local users to access the Apache and Mission Portal log files.

References

https://northern.tech

https://cfengine.com/blog/2022/cve-2021-44215-and-cve-2021-44216/

Details

Source: Mitre, NVD

Published: 2022-03-10

Updated: 2022-03-15

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium