Default File Permissions Vulnerability in IBM Sterling Connect:Direct for Unix

Default File Permissions Vulnerability in IBM Sterling Connect:Direct for Unix

CVE-2016-0380 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via standard filesystem operations.

Learn more about our User Device Pen Test.