Improper Directory Permissions in Open-Xchange (OX) AppSuite and Server

Improper Directory Permissions in Open-Xchange (OX) AppSuite and Server

CVE-2014-9466 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Open-Xchange (OX) AppSuite and Server before 7.4.2-rev42, 7.6.0 before 7.6.0-rev36, and 7.6.1 before 7.6.1-rev14 does not properly handle directory permissions, which allows remote authenticated users to read files via unspecified vectors, related to the "folder identifier."

Learn more about our Cis Benchmark Audit For Server Software.