Insecure Permissions in MicroFocus Cobol 4.1 AppTrack Feature

Insecure Permissions in MicroFocus Cobol 4.1 AppTrack Feature

CVE-2001-0208 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files.

Learn more about our User Device Pen Test.