In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or execution of newly created files and directories. Insecure umask setting was present throughout the Versa servers.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HVersa Networks Versa Operating System
OSVersa-Networks< 16.1r2s1120.2.0 – 20.2.2 (bez)21.1.0 – 21.1.1 (bez)
Related vulnerabilities
In VOS user session identifier (authentication token) is issued to the browser prior to authentication but is ...
In VOS compromised, an attacker at network endpoints can possibly view communications between an unsuspecting ...
In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive cryptographic hash func...
Versa Concerto SD-WAN: Authentication Bypass w konfiguracji Traefik reverse proxy
In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on ...