World-readable permissions in Zarafa 5.00 log directory expose sensitive information vulnerability

World-readable permissions in Zarafa 5.00 log directory expose sensitive information vulnerability

CVE-2014-5448 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Zarafa 5.00 uses world-readable permissions for the files in the log directory, which allows local users to obtain sensitive information by reading the log files.

Learn more about our User Device Pen Test.